Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2026-1298)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-1298

The Easy Replace Image plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.5.2. This is due to missing capability checks on the imagereplacementfromurl function that is hooked to the erifromurl AJAX action. This makes it possible for authenticated...

EUVD-2026-1298

The Awesome Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data due to incorrect authorization in the room-single.php shortcode handler in all versions up to, and including, 1.0. This is due to the plugin relying solely on nonce verification without capability...

EUVD-2005-1298

Malware in sbrugna...

openSUSE Security Advisory (SUSE-SU-2025:02516-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2025:02516-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2024-1298: Fixed potential UINT32 overflow in S3 ResumeCount bsc1225889. Other fixes: - Fixed Kubevirt GPU passthrough failure bsc1245542...

TencentOS Server 4: edk2 (TSSA-2024:0895)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0895 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2010-1298

Directory traversal vulnerability in view.php in Pulse CMS 1.2.2 allows remote attackers to read arbitrary files via directory traversal sequences in the f parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2025-1470)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2025-1498)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RockyLinux 8 : edk2 (RLSA-2024:5297)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5297 advisory. edk2: Predictable TCP Initial Sequence Numbers CVE-2023-45236 edk2: Use of a Weak PseudoRandom Number Generator CVE-2023-45237 edk2: Temporary DoS...

RockyLinux 9 : edk2 (RLSA-2024:9088)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:9088 advisory. mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC CVE-2023-6129 openssl: Excessive time spent checking invalid RSA public...

RLSA-2024:9088 Moderate: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC CVE-2023-6129 openssl: Excessive time spent...

Linux Distros Unpatched Vulnerability : CVE-2024-1298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful...

CVE-2020-1298

creationtimestamp| type| source ---|---|--- 2025-03-02 11:46:28+00:00| seen| Telegram/unG3xAfaI5aqVfI74x5O5OG5AAdkUCR0gp7iZP-nefET-cW...

CVE-2025-1298

Logic vulnerability in the mobile application com.transsion.carlcare may lead to the risk of account takeover...

CVE-2025-1298

Logic vulnerability in the mobile application com.transsion.carlcare may lead to the risk of account takeover...

CVE-2025-1298

Logic vulnerability in the mobile application com.transsion.carlcare may lead to the risk of account takeover...

CVE-2025-1298

CVE-2025-1298 involves a logic vulnerability in the mobile application com.transsion.carlcare (TECNO’s Carlcare app). The issue is described as a logic flaw that may lead to an account takeover. The formal CVSS 3.1 metrics indicate a high-severity, 9.8 (CRITICAL) base score with network attack ve...

Azure Linux 3.0 Security Update: edk2 / hvloader (CVE-2024-1298)

The version of edk2 / hvloader installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1298 advisory. - EDK2 contains a vulnerability when S3 sleep is activated where an Attacker May cause a...