CVE-2026-1343

creationtimestamp| type| source ---|---|--- 2026-04-02 12:37:21+00:00| seen| https://www.acn.gov.it/portale/w/ibm-risolte-vulnerabilita-in-verify-identity-access-e-security-verify-access 2026-04-07 16:16:40+00:00| seen|...

MiracleLinux 7 : kernel-3.10.0-514.10.2.el7 (AXSA:2017-1343:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1343:03 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operatin...

EUVD-2026-1343

The SVG Map Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on multiple AJAX actions including 'savedata', 'deletedata', and 'addpopup'. This makes it possible for...

CVE-2023-1343

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the attachrule function. This makes it possible for unauthenticated attackers to modify the...

CVE-2020-1343

An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text, aka 'Visual Studio Code Live Share Information Disclosure Vulnerability'...

CVE-2004-1343

CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service server crash...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Linux Kernel Improper Certificate Validation (CVE-2022-1343)

Under certain circumstances, the command line OCSP verify function reports successful verification when the varification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result...

edk2 security update

Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...

CVE-2024-1343

CVE-2024-1343 concerns LaborOfficeFree, version 19.10. A weak permission in the backup directory (path: %programfiles(x86)% LaborOfficeFree BackUp) allows any authenticated user to read backup files, enabling potential disclosure of backup data. Documents consistently cite an access-control weakn...

CVE-2023-1343

creationtimestamp| type| source ---|---|--- 2023-03-10 22:51:16+00:00| seen| https://t.me/cibsecurity/59811...

CVE-2023-1343

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the attachrule function. This makes it possible for unauthenticated attackers to modify the...

SUSE CVE-2006-1343

net/ipv4/netfilter/ipconntrackcore.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nfconntrackl3protoipv4.c in 2.6, does not clear sockaddrin.sinzero before returning IPv4 socket names from the getsockopt function with SOORIGINALDST, which allows local users to obtain portions of...

SUSE CVE-2022-1343

The function OCSPbasicverify verifies the signer certificate on an OCSP response. In the case where the non-default flag OCSPNOCHECKS is used then the response will be positive meaning a successful verification even in the case where the response signing certificate fails to verify. It is...

Siemens Brownfield Connectivity Client

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

AlmaLinux 9 : openssl (ALSA-2022:6224)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:6224 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

USN-5402-1: OpenSSL vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Elison Niven discovered that OpenSSL incorrectly handled the crehash script. A local attacker could possibly use this issue to execute arbitrary commands when crehash is run. CVE-2022-1292 Raul Metsma...

SUSE: Security Advisory (SUSE-SU-2022:2306-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for openssl-3 (SUSE-SU-2022:2306-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to multiple openSSL vulnerabilities in Node.js (CVE-2022-1434, CVE-2022-1343, CVE-2022-1473)

Summary IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a man-in-the-middle attack, remote attacker bypassing security restrictions and denial of service due to openSSL vulnerabilities in Node.js CVE-2022-1434, CVE-2022-1343, CVE-2022-1473. IBM App Connect provides a fix/fix...

Security Bulletin: IBM QRadar WinCollect is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., third party libraries that may be identified and exploited with automated tools. IBM QRadar WinCollect for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-1434 DESCRIPTION: OpenSSL is vulnerable to a...