86 matches found
Edimax IC-7100 RCE (CVE-2025-1316)
Edimax IC-7100 network cameras do not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device. Note that Nessus has not tested for this issue and has relied only on the device's self-reported model number. ...
CVE-2024-1316
The Event Tickets and Registration WordPress plugin before 5.8.1 and the Events Tickets Plus WordPress plugin before 5.9.1 do not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to, e.g. draft, private, pending review,...
CVE-2019-1316
An elevation of privilege vulnerability exists in Microsoft Windows Setup when it does not properly handle privileges, aka 'Microsoft Windows Setup Elevation of Privilege Vulnerability'...
CVE-2011-1316
The Session Initiation Protocol (SIP) Proxy in the HTTP Transport component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (worker thread exhaustion and UDP messaging outage) by sending many UDP messages...
CVE-2025-1316
Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device. Recent assessments: Assessed Attacker Value: 0...
CVE-2025-1316 Edimax IC-7100 IP Camera OS Command Injection
Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device...
CVE-2025-1316
CVE-2025-1316 affects Edimax IC-7100 IP camera. The vulnerability is an OS command injection caused by improper input handling that allows remote code execution via specially crafted requests. Public advisories (CISA ICS advisory ICSA-25-063-08) and Nessus plugin data corroborate remote-code exec...
CVE-2025-1316

creationtimestamp | type | source
---|---|---
2025-03-04 11:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08
2025-03-05 00:33:53+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/6469
2025-03-05 01:49:23+00:00 | seen | ...

RHSA-2024:1316

creationtimestamp | type | source
---|---|---
2024-03-18 18:16:23+00:00 | seen | https://t.me/ctinow/210819
...

WordPress Events Tickets Plus Plugin < 5.9.1 is vulnerable to Broken Access Control
Software: Events Tickets Plus; Type: Plugin; Vulnerable versions: 5.9.1; Fixed in: 5.9.1; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-1316; Patch priority: Low; CVSS severity: Low (4.3); PSID: 2dfabd1f95ab; Credits: Scott Kingsley Clark; Require...
CVE-2024-1316

creationtimestamp | type | source
---|---|---
2024-03-04 22:27:00+00:00 | seen | https://t.me/ctinow/199647
2024-03-04 22:36:50+00:00 | seen | https://t.me/ctinow/199655
...

CVE-2024-1316 Event Tickets and Registration < 5.8.1 - Contributor+ Arbitrary Events Access
The Event Tickets and Registration WordPress plugin before 5.8.1 and the Events Tickets Plus WordPress plugin before 5.9.1 do not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to, e.g. draft, private, pending review,...
CVE-2024-1316
The CVE-2024-1316 issue affects the WordPress plugins Event Tickets and Registration (pre-5.8.1) and Events Tickets Plus (pre-5.9.1). Reports across multiple sources identify a vulnerability where users with at least the Contributor role can leak the existence of certain events they should not ac...
CVE-2024-1316 Event Tickets and Registration < 5.8.1 - Contributor+ Arbitrary Events Access
The Event Tickets and Registration WordPress plugin before 5.8.1 and the Events Tickets Plus WordPress plugin before 5.9.1 do not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to, e.g. draft, private, pending review,...
CVE-2023-39348 Improper log output when using GitHub Status Notifications in spinnaker
Spinnaker is an open source, multi-cloud continuous delivery platform. Log output when updating GitHub status is improperly set to FULL always. It's recommended to apply the patch and rotate the GitHub token used for GitHub status notifications. Given that this would output GitHub tokens to a log...
CVE-2023-39348 Improper log output when using GitHub Status Notifications in spinnaker
Spinnaker is an open source, multi-cloud continuous delivery platform. Log output when updating GitHub status is improperly set to FULL always. It's recommended to apply the patch and rotate the GitHub token used for GitHub status notifications. Given that this would output GitHub tokens to a log...
osTicket < 1.16.6, 1.17.x < 1.17.3 Multiple XSS Vulnerabilities
osTicket is prone to multiple cross-site scripting (XSS) vulnerabilities. Copyright (C) 2023 Greenbone Networks GmbH...
CVE-2023-1316

creationtimestamp | type | source
---|---|---
2023-03-10 18:21:17+00:00 | seen | https://t.me/cibsecurity/59797
2025-03-03 21:30:43+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/6293
...

CVE-2023-1316
CVE-2023-1316 is a stored XSS vulnerability in osticket/osticket prior to v1.16.6. Multiple connected sources corroborate that the issue affects osticket/osticket by storing malicious scripts (notably via an email field) and potentially allows data disclosure or scripting in affected sessions. Th...
CVE-2023-1316 Cross-site Scripting (XSS) - Stored in osticket/osticket
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6...