RHEL 9 : fence-agents (RHSA-2026:1332)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1332 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable...

CVE-2026-1332

creationtimestamp| type| source ---|---|--- 2026-01-22 08:07:00+00:00| seen| https://www.twcert.org.tw/en/cp-139-10651-ff09c-2.html 2026-01-22 12:03:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcz5dpmavc2c...

EUVD-2026-1332

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.1.7. This is due to missing capability checks on the fluentformaicreateform AJAX action. This makes it...

CVE-2025-1332

A vulnerability has been found in FastCMS up to 0.1.5 and classified as problematic. This vulnerability affects unknown code of the file /fastcms.html/template/menu of the component Template Menu. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit ha...

CVE-2019-1332

A cross-site scripting XSS vulnerability exists when Microsoft SQL Server Reporting Services SSRS does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'...

CVE-2011-1332

Cross-site scripting XSS vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-6570...

CVE-2025-1332

creationtimestamp| type| source ---|---|--- 2025-02-16 01:16:08+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lib2njxazn2i 2025-02-16 02:37:57+00:00| seen| Telegram/wEQN5JkMLlvSUyTbW8bM79jiJ-z9nOaT232-7H1nAk2wwSo6 2025-02-16 02:54:25+00:00| seen|...

CVE-2025-1332

A vulnerability has been found in FastCMS up to 0.1.5 and classified as problematic. This vulnerability affects unknown code of the file /fastcms.html/template/menu of the component Template Menu. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit ha...

CVE-2025-1332

FastCMS ≤ 0.1.5 is affected by a cross-site scripting vulnerability in the Template Menu component (file /fastcms.html#/template/menu). The issue arises from unknown code in that path and is exploitable remotely; exploit has been disclosed publicly. Public details across sources indicate no versi...

CVE-2025-1332 FastCMS Template Menu menu cross site scripting

A vulnerability has been found in FastCMS up to 0.1.5 and classified as problematic. This vulnerability affects unknown code of the file /fastcms.html/template/menu of the component Template Menu. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit ha...

CVE-2024-1332 Custom Fonts – Host Your Fonts Locally <= 2.1.4 - Authenticated (Author+) Stored Cross-Site Scripting

The Custom Fonts – Host Your Fonts Locally plugin for WordPress is vulnerable to Stored Cross-Site Scripting via svg file upload in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1332-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1332-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Backdoor.Win32.Beastdoor.oq MVID-2024-0674 Remote Command Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/6268df4c9c805c90725dde4fe5ef6fea.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Beastdoor.oq Vulnerability: Unauthenticated Remote Command Execution...

CentOS: Security Advisory for nss (CESA-2023:1332)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 7 : nss (ELSA-2023-1332)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-1332 advisory. 3.79.0-5 - fix CVE-2023-0767 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Security Updates for Microsoft Office Products C2R (September 2020)

The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the...

CVE-2022-1332

Summary of CVE-2022-1332 (Mattermost) : An API in Mattermost ≤ 6.4.1 fails to properly enforce permissions, allowing authenticated users with a restricted custom admin role to bypass restrictions and read server logs and the server config.json. The issue is a privilege-management flaw affecting t...

CVE-2022-1332 Restricted custom admin role can bypass the restrictions and view the server logs and server config.json file contents

One of the API in Mattermost version 6.4.1 and earlier fails to properly protect the permissions, which allows the authenticated members with restricted custom admin role to bypass the restrictions and view the server logs and server config.json file contents...

CVE-2022-1332 Restricted custom admin role can bypass the restrictions and view the server logs and server config.json file contents

One of the API in Mattermost version 6.4.1 and earlier fails to properly protect the permissions, which allows the authenticated members with restricted custom admin role to bypass the restrictions and view the server logs and server config.json file contents...