160 matches found
CVE-2009-1308
creationtimestamp| type| source ---|---|--- 2026-06-19 16:45:40+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7e95f5d8-3356-4723-915c-ad13fef8ae89 2026-06-23 14:04:16+00:00| exploited|...
SUSE SLES15 Security Update : sudo (SUSE-SU-2026:1308-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1308-1 advisory. This update for sudo fixes the following issue: - CVE-2026-35535: Fixed potential privilege escalation when running the mailer bsc1261420...
Security update for sudo
This update for sudo fixes the following issue: CVE-2026-35535: Fixed potential privilege escalation when running the mailer bsc1261420. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...
MiracleLinux 4 : openssl-1.0.1e-48.4.0.1.AXS4 (AXSA:2017-1308:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1308:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by incorrect authorisation and XML external entity (XXE) vulnerabilities due to Apache Solr.
Summary Apache Solr is used by IBM Operations Analytics - Log Analysis as part of managing Solr collection and arbitary local file. CVE-2018-11802, CVE-2018-1308. Vulnerability Details CVEID:CVE-2018-11802 DESCRIPTION: In Apache Solr, the cluster can be partitioned into multiple collections and...
CVE-2025-1308
creationtimestamp| type| source ---|---|--- 2025-05-19 22:18:25+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114536815349022955 2025-05-19 22:39:04+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpkn7vnwfbi2 2025-05-20...
CVE-2025-1308
Technical details about CVE-2025-1308 are not publicly available in the provided connected documents. Monitor for future updates from vendors and security advisories before assessing impact, affected versions, or fixes.
CVE-2025-1308 PX Backup Improper Sanitization Vulnerability
A vulnerability exists in PX Backup whereby sensitive information may be logged under specific conditions...
Linux Distros Unpatched Vulnerability : CVE-2014-1308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service memory...
Linux Distros Unpatched Vulnerability : CVE-2015-1308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kde-workspace 4.2.0 and plasma-workspace before 5.1.95 allows remote attackers to obtain input events, and consequently obtain passwords, by leveraging access t...
CVE-2024-1308
The WooCommerce Cloak Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'permalinksettingssave' function in all versions up to, and including, 1.0.33. This makes it possible for unauthenticated attackers to modify the...
CVE-2024-30080
creationtimestamp| type| source ---|---|--- 2024-06-12 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1308 2024-06-13 10:33:43+00:00| seen| https://t.me/kasperskyb2b/1300 2024-06-13 13:47:26+00:00| seen| https://t.me/truesecator/5848 2024-06-30 12:52:04+00:00| seen|...
RHEL 6 : kde-workspace (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - kde-workspace: X11 clients can eavesdrop input events while screen is locked CVE-2015-1308 Note that Nessus has not...
CVE-2024-1308
The WooCommerce Cloak Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'permalinksettingssave' function in all versions up to, and including, 1.0.33. This makes it possible for unauthenticated attackers to modify the...
CVE-2024-1308
The CVE-2024-1308 entry covers the WooCommerce Cloak Affiliate Links plugin for WordPress up to version 1.0.33, where a missing authorization check in the permalink_settings_save function allows unauthenticated modification of the affiliate permalink base, enabling traffic redirection to maliciou...
CVE-2024-1308 WooCommerce Cloak Affiliate Links <= 1.0.33 - Missing Authorization to Unauthenticated Permalink Modification
The WooCommerce Cloak Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'permalinksettingssave' function in all versions up to, and including, 1.0.33. This makes it possible for unauthenticated attackers to modify the...
WordPress WooCommerce Cloak Affiliate Links Plugin <= 1.0.33 is vulnerable to Broken Access Control
Software WooCommerce Cloak Affiliate Links Type Plugin Vulnerable versions = 1.0.33 Fixed in 1.0.34 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1308 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 86ffc05e045a Credits Francesc...
AlmaLinux 8 : .NET 7.0 (ALSA-2024:1308)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1308 advisory. - .NET and Visual Studio Denial of Service Vulnerability CVE-2024-21392 Note that Nessus has not tested for this issue but has instead relied only on the...
RHEL 8 : .NET 7.0 (RHSA-2024:1308)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1308 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...
Malicious code in wlwz-2312-1308 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed51411d319b368c4ab5660fb0966b9d24dc30e2b8da1a64799fd843e6231ee6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...