202 matches found
CVE-2026-1305
| creationtimestamp | type | source |
|---|---|---|
| 2026-02-27 13:33:43+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mftt6mhvk22d... |
CVE-2019-12549
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key...
EUVD-2026-1305
The Easy GitHub Gist Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the gist shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2024-1305
tap-windows6 driver version 9.26 and earlier does not properly check the size data of incoming write operations which an attacker can use to overflow memory buffers, resulting in a bug check and potentially arbitrary code execution in kernel space...
CVE-2020-1305
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'...
CVE-2025-1305
| creationtimestamp | type | source |
|---|---|---|
| 2025-05-01 05:48:31+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114431001227819569 |
| 2025-05-01 05:56:18+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lo3msl2aeo2r |
| 2025-05-01 07:01:28+00:00 | seen | ... |
CVE-2025-1305 NewsBlogger <= 0.2.5.4 - Cross-Site Request Forgery to Arbitrary Plugin Installation
The NewsBlogger theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2.5.4. This is due to missing or incorrect nonce validation on the newsbloggerinstallandactivateplugin function. This makes it possible for unauthenticated attackers to upload...
CVE-2024-1305
| creationtimestamp | type | source |
|---|---|---|
| 2024-07-08 20:46:09+00:00 | seen | https://t.me/cvedetector/213 |
| 2024-08-12 17:40:05+00:00 | seen | https://t.me/truesecator/6083 |
| 2025-03-13 11:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-10... |
CVE-2024-1305
CVE-2024-1305 affects the tap-windows6 driver (versions 9.26 and earlier). The issue is that the driver does not properly validate size data in incoming write operations, allowing an attacker to overflow memory buffers and potentially achieve arbitrary code execution in kernel space. This aligns ...
Important: Red Hat Security Advisory: edk2 security update
An update for edk2 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as havi...
RHEL 8 : edk2 (RHSA-2024:1305)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1305 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU a...
openSUSE: Security Advisory for libqt5 (openSUSE-SU-2022:10049-1)
The remote host is missing an update for the...
Malicious code in wlwz-2312-1305 (npm)
Source: ghsa-malware (ea30a778b2357e2998b02c4ff9e12d602c3241d7b736a472b9638f824b965795). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-1305
| creationtimestamp | type | source |
|---|---|---|
| 2023-03-21 19:35:05+00:00 | seen | https://t.me/cibsecurity/60396... |
CVE-2023-1305
CVE-2023-1305 affects Rapid7 InsightCloudSec where an authenticated attacker could leverage an exposed “box” object to read and write arbitrary files on disk as long as they are parsable as YAML/JSON. The issue has been mitigated in the Managed and SaaS deployments as of February 1, 2023 and in t...
CVE-2023-1305 Rapid7 InsightCloudSec box object access
An authenticated attacker can leverage an exposed “box” object to read and write arbitrary files from disk, provided those files can be parsed as YAML or JSON. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in version 23.2.1 of the Self-Managed version of...
SUSE CVE-2022-1305
Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...