SUSE SLES15 Security Update : sudo (SUSE-SU-2026:1308-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1308-1 advisory. This update for sudo fixes the following issue: - CVE-2026-35535: Fixed potential privilege escalation when running the mailer bsc1261420...

Security update for sudo

This update for sudo fixes the following issue: CVE-2026-35535: Fixed potential privilege escalation when running the mailer bsc1261420. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...

MiracleLinux 4 : openssl-1.0.1e-48.4.0.1.AXS4 (AXSA:2017-1308:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1308:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by incorrect authorisation and XML external entity (XXE) vulnerabilities due to Apache Solr.

Summary Apache Solr is used by IBM Operations Analytics - Log Analysis as part of managing Solr collection and arbitary local file. CVE-2018-11802, CVE-2018-1308. Vulnerability Details CVEID:CVE-2018-11802 DESCRIPTION: In Apache Solr, the cluster can be partitioned into multiple collections and...

CVE-2025-1308

creationtimestamp| type| source ---|---|--- 2025-05-19 22:18:25+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114536815349022955 2025-05-19 22:39:04+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpkn7vnwfbi2 2025-05-20...

CVE-2025-1308

Technical details about CVE-2025-1308 are not publicly available in the provided connected documents. Monitor for future updates from vendors and security advisories before assessing impact, affected versions, or fixes.

CVE-2025-1308 PX Backup Improper Sanitization Vulnerability

A vulnerability exists in PX Backup whereby sensitive information may be logged under specific conditions...

Linux Distros Unpatched Vulnerability : CVE-2014-1308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service memory...

Linux Distros Unpatched Vulnerability : CVE-2015-1308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kde-workspace 4.2.0 and plasma-workspace before 5.1.95 allows remote attackers to obtain input events, and consequently obtain passwords, by leveraging access t...

CVE-2024-1308

The WooCommerce Cloak Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'permalinksettingssave' function in all versions up to, and including, 1.0.33. This makes it possible for unauthenticated attackers to modify the...

CVE-2024-30080

creationtimestamp| type| source ---|---|--- 2024-06-12 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1308 2024-06-13 10:33:43+00:00| seen| https://t.me/kasperskyb2b/1300 2024-06-13 13:47:26+00:00| seen| https://t.me/truesecator/5848 2024-06-30 12:52:04+00:00| seen|...

RHEL 6 : kde-workspace (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - kde-workspace: X11 clients can eavesdrop input events while screen is locked CVE-2015-1308 Note that Nessus has not...

CVE-2024-1308 WooCommerce Cloak Affiliate Links <= 1.0.33 - Missing Authorization to Unauthenticated Permalink Modification

The WooCommerce Cloak Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'permalinksettingssave' function in all versions up to, and including, 1.0.33. This makes it possible for unauthenticated attackers to modify the...

CVE-2024-1308

The WooCommerce Cloak Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'permalinksettingssave' function in all versions up to, and including, 1.0.33. This makes it possible for unauthenticated attackers to modify the...

CVE-2024-1308

The CVE-2024-1308 entry covers the WooCommerce Cloak Affiliate Links plugin for WordPress up to version 1.0.33, where a missing authorization check in the permalink_settings_save function allows unauthenticated modification of the affiliate permalink base, enabling traffic redirection to maliciou...

WordPress WooCommerce Cloak Affiliate Links Plugin <= 1.0.33 is vulnerable to Broken Access Control

Software WooCommerce Cloak Affiliate Links Type Plugin Vulnerable versions = 1.0.33 Fixed in 1.0.34 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1308 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 86ffc05e045a Credits Francesc...

AlmaLinux 8 : .NET 7.0 (ALSA-2024:1308)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1308 advisory. - .NET and Visual Studio Denial of Service Vulnerability CVE-2024-21392 Note that Nessus has not tested for this issue but has instead relied only on the...

RHEL 8 : .NET 7.0 (RHSA-2024:1308)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1308 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...

Malicious code in wlwz-2312-1308 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed51411d319b368c4ab5660fb0966b9d24dc30e2b8da1a64799fd843e6231ee6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-295 Malicious code in wlwz-2312-1308 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed51411d319b368c4ab5660fb0966b9d24dc30e2b8da1a64799fd843e6231ee6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...