Amazon Linux 2023 : curl, curl-minimal, libcurl (ALAS2023-2026-1375)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1375 advisory. No QUIC certificate pinning with GnuTLS NOTE: https://curl.se/docs/CVE-2025-13034.htmlNOTE: Introduced with: https://github.com/curl/curl/commit/3210101088dfa3d6a125d213226b092f2f866722...

CVE-2026-1375

creationtimestamp| type| source ---|---|--- 2026-02-03 08:22:13+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdwwlhtsev2h 2026-04-09 21:00:05+00:00| published-proof-of-concept| Telegram/uEPSzFNr6HqJN1CCE1x2MfixnAoe1zyVBXupCwzjdQjfEc...

CVE-2024-1375

The Event post plugin for WordPress is vulnerable to unauthorized bulk metadata update due to a missing nonce check on the savebulkdatas function in all versions up to, and including, 5.9.10. This makes it possible for unauthenticated attackers to update postmetadata via a forged request, granted...

CVE-2020-1375

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...

CVE-2019-1375

A cross site scripting vulnerability exists when Microsoft Dynamics 365 on-premises does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 On-Premise Cross Site Scripting Vulnerability'...

CVE-2010-1375

NetAuthSysAgent in Network Authorization in Apple Mac OS X 10.5.8 does not have the expected authorization requirements, which allows local users to gain privileges via unspecified vectors...

CVE-2024-1375

creationtimestamp| type| source ---|---|--- 2024-07-12 06:02:30+00:00| seen| https://t.me/cvedetector/702...

CVE-2024-1375 Event post <= 5.9.10 - Cross-Site Request Forgery

The Event post plugin for WordPress is vulnerable to unauthorized bulk metadata update due to a missing nonce check on the savebulkdatas function in all versions up to, and including, 5.9.10. This makes it possible for unauthenticated attackers to update postmetadata via a forged request, granted...

WordPress Event post Plugin <= 5.9.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Event post Type Plugin Vulnerable versions = 5.9.6 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1375 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 64d96d1eadf3 Credits Francesco Carlucci Required...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2024-1375)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-1375

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized cache deletion in versions up to, and including, 1.1.2 due to a missing capability check in the deleteCacheToolbar function . This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...

CVE-2023-1375

CVE-2023-1375 affects the WP Fastest Cache WordPress plugin. A missing capability check in the deleteCacheToolbar function allows authenticated attackers with subscriber-level permissions and above to delete the site cache. Impact is unauthorized cache deletion for versions up to and including 1....

CVE-2023-1375 WP Fastest Cache <= 1.1.2 - Missing Authorization to Cache Deletion

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized cache deletion in versions up to, and including, 1.1.2 due to a missing capability check in the deleteCacheToolbar function . This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...

SUSE CVE-2009-1375

The PurpleCircBuffer implementation in Pidgin formerly Gaim before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service memory corruption and application crash via vectors involving the 1 XMPP or 2 Sametime protocol...

CVE-2022-1375

creationtimestamp| type| source ---|---|--- 2022-05-02 22:28:08+00:00| seen| https://t.me/cibsecurity/41755...

CVE-2022-1375

CVE-2022-1375 affects Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) with a blind SQL injection in DIAE_slogHandler.ashx. The vulnerability allows an attacker to inject arbitrary SQL, retrieve/modify database contents, and potentially execute system commands. Several connected so...

CVE-2022-1375

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in DIAEslogHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

SUSE: Security Advisory (SUSE-SU-2022:1375-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:1375-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:1375-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...