AlmaLinux 10 : freeipmi (ALSA-2026:13515)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:13515 advisory. freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 Tenable has extracted the preceding description block directly from the AlmaLinux...

RockyLinux 10 : freeipmi (RLSA-2026:13515)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:13515 advisory. freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 Tenable has extracted the preceding description block directly from the RockyLinux...

RHEL 10 : freeipmi (RHSA-2026:13515)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:13515 advisory. The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI...

CVE-2025-13515

The Nouri.sh Newsletter plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' parameter in all versions up to, and including, 1.0.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2019-13515

OSIsoft PI Web API 2018 and prior may allow disclosure of sensitive information...

CVE-2024-13515

The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'path' parameter in all versions up to, and including, 2.28.0 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-13515

creationtimestamp| type| source ---|---|--- 2025-01-18 05:39:49+00:00| seen| https://infosec.exchange/users/cve/statuses/113847749138111489 2025-01-18 05:57:12+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2274 2025-01-18 06:15:42+00:00| seen|...

CVE-2024-13515 Image Source Control Lite – Show Image Credits and Captions <= 2.28.0 - Reflected Cross-Site Scripting

The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'path' parameter in all versions up to, and including, 2.28.0 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-13515 Image Source Control Lite – Show Image Credits and Captions <= 2.28.0 - Reflected Cross-Site Scripting

The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'path' parameter in all versions up to, and including, 2.28.0 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2020-13515

creationtimestamp| type| source ---|---|--- 2020-12-18 22:44:19+00:00| seen| https://t.me/cibsecurity/21098 2025-01-04 20:00:16+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2318...

CVE-2020-13515

A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c40a148 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause an adversary to obtain elevated privileges. An attacker can send a malicious IRP to trigger this vulnerability...

CVE-2020-13515

NZXT CAM 4.8.0 is affected by a privilege-escalation vulnerability in the WinRing0x64 Driver IRP 0x9c40a148. A specially crafted I/O request packet can let an attacker obtain elevated privileges by interacting with the driver, as detailed by TALOS and other sources. Product: NZXT CAM 4.8.0; vulne...

CVE-2019-13515

CVE-2019-13515 affects OSIsoft PI Web API 2018 and earlier, enabling disclosure of sensitive information via log files (CWE-532). The vulnerability exists in the PI Web API REST interface and is driven by how logs may contain sensitive data. Affected versions are PI Web API 2018 and prior. Remedi...

OSIsoft PI Web API

1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Exploitable remotely Vendor: OSIsoft LLC Equipment: OSIsoft PI Web API Vulnerabilities: Inclusion of Sensitive Information in Log Files, Protection Mechanism Failure 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow direct...

CVE-2018-13515

The CVE is linked to aman, an Ethereum-based token. The issue is an integer overflow in the mintToken function of aman’s smart contract, allowing the contract owner to set any user’s balance to an arbitrary value. This is supported by CNVD-2018-13190 and NVD CVE-2018-13515 entries, which describe...