MiracleLinux 4 : rh-mariadb101-mariadb-10.1.19-6.AXS4 (AXSA:2017-1288:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1288:01 advisory. MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation...

CVE-2024-1288

The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saswpreviewsformrender' function in all versions up to, and including, 1.26. This makes it possible for authenticated attackers, with...

CVE-2023-1288

An XML External Entity injection XXE vulnerability in ENOVIA Live Collaboration V6R2013xE allows an attacker to read local files on the server...

WordPress wooexim plugin <= 5.0.0 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin WOOEXIM versions = 5.0.0...

CVE-2024-1288

creationtimestamp| type| source ---|---|--- 2024-03-08 13:52:06+00:00| seen| https://t.me/ctinow/203308...

CVE-2023-1288

creationtimestamp| type| source ---|---|--- 2023-03-09 20:20:23+00:00| seen| https://t.me/cibsecurity/59738...

CVE-2023-1288

An XML External Entity injection XXE vulnerability in ENOVIA Live Collaboration V6R2013xE allows an attacker to read local files on the server...

CVE-2023-1288 ENOVIA Live Collaboration V6R2013xE is affected by an XML External Entity injection (XXE) vulnerability

An XML External Entity injection XXE vulnerability in ENOVIA Live Collaboration V6R2013xE allows an attacker to read local files on the server...

CVE-2023-1288

CVE-2023-1288 affects Dassault Systèmes ENOVIA Live Collaboration V6R2013xE. The connected sources describe an XML External Entity (XXE) vulnerability that allows an attacker to read local files on the server (remote read; potential RCE not clearly stated in the documents). The root cause is an X...

SUSE CVE-2015-1288

The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related...

SUSE: Security Advisory (SUSE-SU-2022:1288-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-1288

creationtimestamp| type| source ---|---|--- 2022-04-10 00:14:20+00:00| seen| https://t.me/cibsecurity/40433...

CVE-2022-1288 School Club Application System cross site scripting

A vulnerability, which was classified as problematic, has been found in School Club Application System 1.0. This issue affects access to /scas/admin/. The manipulation of the parameter page with the input %22%3E%3Cimg%20src=x%20onerror=alert1%3E leads to a reflected cross site scripting. The atta...

CVE-2022-1288 School Club Application System cross site scripting

A vulnerability, which was classified as problematic, has been found in School Club Application System 1.0. This issue affects access to /scas/admin/. The manipulation of the parameter page with the input %22%3E%3Cimg%20src=x%20onerror=alert1%3E leads to a reflected cross site scripting. The atta...

CVE-2022-1288

CVE-2022-1288 – School Club Application System 1.0 suffers a reflected cross-site scripting (XSS) vulnerability in the /scas/admin/ page. The issue is triggered by manipulating the page parameter with the payload “%22%3E%3Cimg%20src=x%20onerror=alert(1)%3E”, which can be exploited remotely withou...

Security Bulletin: Apache Kafka Vulnerabilities Affect the B2B API of IBM Sterling B2B Integrator (CVE-2017-12610, CVE-2018-1288)

Summary BM Sterling B2B Integrator has addressed the security vulnerabilities. Vulnerability Details CVEID: CVE-2017-12610 DESCRIPTION: Apache Kafka could allow a remote authenticated attacker to bypass security restrictions. By using a manually specially crafted protocol message with SASL/PLAIN ...

Samba 1.9.18 Elevate Privileges Vulnerability (CVE-1999-1288)

Samba is prone to a elevate privileges vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

kernel security update

2.6.32-754.35.1.0.3.OL6 - Fixes for RHSA-2021:1288 Orabug: 32809880...

CVE-2021-1288

creationtimestamp| type| source ---|---|--- 2021-02-04 20:34:35+00:00| seen| https://t.me/cibsecurity/23084...

CVE-2021-1288

Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory...