Huawei EulerOS: Security Advisory for nasm (EulerOS-SA-2026-1290)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-1290

creationtimestamp| type| source ---|---|--- 2026-01-21 17:14:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcx6b2kmid2h...

MiracleLinux 8 : poppler-0.66.0-27.el8 (AXSA:2021-1290:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1290:01 advisory. poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc CVE-2019-14494 Tenable has extracted the preceding description...

MiracleLinux 7 : firefox-45.7.0-1.0.1.el7 (AXSA:2017-1290:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-1290:01 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this...

CVE-2025-1290

A race condition Use-After-Free vulnerability exists in the virtiotransportspaceupdate function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtiovsocksock structure during an AFVSOCK connect syscall can occur before a worker thread accesses it resulting in a...

EUVD-2026-1290

The NS IE Compatibility Fixer plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in all versions up to, and including, 2.1.5. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to modify the plugin'...

Linux Distros Unpatched Vulnerability : CVE-2011-1290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in WebKit, as used on the Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in...

CVE-2024-1290

The User Registration WordPress plugin before 2.12 does not prevent users with at least the contributor role from rendering sensitive shortcodes, allowing them to generate, and leak, valid password reset URLs, which they can use to take over any accounts...

CVE-2019-1290

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787, CVE-2019-0788, CVE-2019-1291...

CVE-2012-1290

Cross-site scripting XSS vulnerability in b2b/auction/container.jsp in the Internet Sales crm.b2b module in SAP NetWeaver 7.0 allows remote attackers to inject arbitrary web script or HTML via the loadPage parameter...

CVE-2025-1290

creationtimestamp| type| source ---|---|--- 2025-04-17 00:59:46+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12176 2025-04-17 02:48:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmy3rx3zd52l 2025-04-17 03:40:08+00:00| seen|...

WordPress Formidable Registration Plugin < 2.12 is vulnerable to Broken Authentication

Software Formidable Registration Type Plugin Vulnerable versions 2.12 Fixed in 2.12 OWASP Top 10 A4: Insecure Design Classification Broken Authentication CVE CVE-2024-1290 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID de229a590aad Credits Scott Kingsley Clark...

CVE-2024-1290

creationtimestamp| type| source ---|---|--- 2024-03-11 19:27:19+00:00| seen| https://t.me/ctinow/204974...

CVE-2024-1290 Formidable Registration < 2.12 - Contributor+ Arbitrary User Password Reset To Account Takeover

The User Registration WordPress plugin before 2.12 does not prevent users with at least the contributor role from rendering sensitive shortcodes, allowing them to generate, and leak, valid password reset URLs, which they can use to take over any accounts...

CVE-2024-1290

CVE-2024-1290 affects the WordPress Formidable Registration plugin (

CVE-2024-1290 Formidable Registration < 2.12 - Contributor+ Arbitrary User Password Reset To Account Takeover

The User Registration WordPress plugin before 2.12 does not prevent users with at least the contributor role from rendering sensitive shortcodes, allowing them to generate, and leak, valid password reset URLs, which they can use to take over any accounts...

CVE-2024-2151 SourceCodester Online Mobile Management Store Product Price logic error

A vulnerability classified as problematic was found in SourceCodester Online Mobile Management Store 1.0. Affected by this vulnerability is an unknown functionality of the component Product Price Handler. The manipulation of the argument quantity with the input -1 leads to business logic errors...

CVE-2023-1290

creationtimestamp| type| source ---|---|--- 2023-03-09 18:20:33+00:00| seen| https://t.me/cibsecurity/59731...

CVE-2023-1290

CVE-2023-1290 affects SourceCodester Sales Tracker Management System v1.0. A vulnerability in the file admin/clients/view_client.php arises from unsafely handling the id parameter, leading to an SQL Injection. Exploitation can be remote and has been publicly disclosed. Documented impact includes ...

K21536299: Apache Fineract vulnerabilities CVE-2018-1289, CVE-2018-1290, and CVE-2018-1292

Security Advisory Description CVE-2018-1289 In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, the system exposes different REST end points to query domain specific entities with a Query Parameter 'orderBy' and 'sortOrder' which are appended directly with SQL...