ECHO-1404-A334-0B9B

Bulletin has no description...

Exploit for CVE-2026-1404

wordpress-vulnerability-fix WordPress XSS Vulnerability Ass...

CVE-2024-1404

A vulnerability was found in Linksys WRT54GL 4.30.18 and classified as problematic. Affected by this issue is some unknown functionality of the file /SysInfo.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed to the publ...

Linux Distros Unpatched Vulnerability : CVE-2010-1404

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote...

CVE-2025-1404

creationtimestamp| type| source ---|---|--- 2025-03-01 11:27:27+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6072 2025-03-01 13:56:30+00:00| seen| https://t.me/cvedetector/19234 2025-03-02 11:46:59+00:00| seen| Telegram/F8DkQ3CjDI29vN-dWtBKGR7usoFjDFT9jrK3fmB6XEQXPP2Z 2025-08-19...

CVE-2025-1404 Secure Copy Content Protection and Content Locking <= 4.4.7 - Missing Authorization to Unauthenticated User Email Retrieval via ays_sccp_reports_user_search Function

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ayssccpreportsusersearch function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to...

CVE-2025-1404 Secure Copy Content Protection and Content Locking <= 4.4.7 - Missing Authorization to Unauthenticated User Email Retrieval via ays_sccp_reports_user_search Function

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ayssccpreportsusersearch function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to...

RHEL 8 : kernel (RHSA-2024:1404)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1404 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: out-of-bounds write in...

CVE-2024-1404

creationtimestamp| type| source ---|---|--- 2024-02-10 00:21:23+00:00| seen| https://t.me/ctinow/182353 2024-03-03 09:16:27+00:00| seen| https://t.me/ctinow/198613...

CVE-2024-1404 Linksys WRT54GL Web Management Interface SysInfo.htm information disclosure

A vulnerability was found in Linksys WRT54GL 4.30.18 and classified as problematic. Affected by this issue is some unknown functionality of the file /SysInfo.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed to the publ...

CVE-2024-1404

CVE-2024-1404 affects Linksys WRT54GL Web Management Interface (SysInfo.htm). The issue is an information disclosure due to manipulation of an unknown functionality in SysInfo.htm. Descriptions across sources confirm the vulnerability in firmware 4.30.18 and that the exploit has been disclosed pu...

CVE-2024-1404 Linksys WRT54GL Web Management Interface SysInfo.htm information disclosure

A vulnerability was found in Linksys WRT54GL 4.30.18 and classified as problematic. Affected by this issue is some unknown functionality of the file /SysInfo.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed to the publ...

MAL-2024-300 Malicious code in wlwz-2312-1404 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7205d8669e1bd615f759298cca19b99b2365abd14d444620b62970487836685 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wlwz-2312-1404 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7205d8669e1bd615f759298cca19b99b2365abd14d444620b62970487836685 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Siemens Industrial Products Uncontrolled Resource Consumption (CVE-2019-11479)

Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. An attacker with network access to affected products could cause a denial of service condition because of a vulnerability in the TCP retransmission queue implementation kernel when handling TCP...

Siemens Industrial Products Uncontrolled Resource Consumption (CVE-2019-11478)

Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. A remote attacker could cause a denial of service condition by sending specially crafted TCP Selective Acknowledgment SACK sequences to affected products. This plugin only works with Tenable.ot...

CVE-2023-1404

The Weaver Show Posts Plugin for WordPress is vulnerable to stored Cross-Site Scripting due to insufficient escaping of the profile display name in versions up to, and including, 1.6. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitra...

CVE-2023-1404

The CVE-2023-1404 entry concerns the Weaver Show Posts plugin for WordPress (versions ≤ 1.6). It enables stored XSS by insufficient escaping of the profile display name, exploitable by authenticated users with contributor-level permissions and above. Wordfence documentation confirms two related W...

WordPress Weaver Xtreme 5.0.7 / Weaver Show Posts 1.6 Cross Site Scripting

On March 14, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for 2 nearly identical Cross-Site Scripting vulnerabilities in the Weaver Xtreme theme and the Weaver Show Posts plugin, which each have over 10,000 installations. The plugin developer responded...

CVE-2022-1404

Delta Electronics CNCSoft (all versions prior to 1.01.32) is affected by CVE-2022-1404 due to improper input sanitization when processing a specific project file, which can lead to an out-of-bounds read condition. The issue is documented across multiple sources (NVD entry for CVE-2022-1404, ICS a...