Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2026-1407)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume th...

CVE-2026-1407

creationtimestamp| type| source ---|---|--- 2026-01-26 01:04:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdc2fumtfs2i...

CVE-2025-1407

The AMO Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's amoteamskills shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2020-1407

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1400, CVE-2020-1401...

CVE-2012-1407

Unspecified vulnerability in the GO Message Widget com.gau.go.launcherex.gowidget.smswidget application 1.9, 2.1, and 2.3 for Android has unknown impact and attack vectors...

CVE-2019-1407

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1433, CVE-2019-1435, CVE-2019-1437, CVE-2019-1438...

CVE-2025-1407

The AMO Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's amoteamskills shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-1407

CVE-2025-1407 affects AMO Team Showcase for WordPress. The vulnerability is a Stored Cross-Site Scripting via the amoteam_skills shortcode in all versions up to and including 1.1.4, caused by insufficient input sanitization and output escaping of user-supplied attributes. Attack scenario requires...

CVE-2025-1407 AMO Team Showcase <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via amoteam_skills Shortcode

The AMO Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's amoteamskills shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-1407 AMO Team Showcase <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via amoteam_skills Shortcode

The AMO Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's amoteamskills shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CentOS 7 : etcd (RHSA-2021:1407)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1407 advisory. - In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a...

CVE-2024-1407

The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.10. This is due to missing or incorrect nonce validation on multiple functions. This makes it possibl...

CVE-2024-1407 Paid Memberships Pro <= 2.12.10 - Cross-Site Request Forgery to Membership Modification

The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.10. This is due to missing or incorrect nonce validation on multiple functions. This makes it possibl...

WordPress Paid Memberships Pro Plugin <= 2.12.10 is vulnerable to Cross Site Request Forgery (CSRF)

Software Paid Memberships Pro Type Plugin Vulnerable versions = 2.12.10 Fixed in 3.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1407 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 8bd40b5c1996 Credits Colin Xu Requir...

CVE-2019-1407

creationtimestamp| type| source ---|---|--- 2024-02-11 15:36:54+00:00| seen| https://t.me/ctinow/182820...

AlmaLinux 9 : thunderbird (ALSA-2023:1407)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:1407 advisory. - Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 - Mozilla: Potential out-of-bounds when accessing throttled streams...

RHEL 9 : thunderbird (RHSA-2023:1407)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1407 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0. Security Fixes: Mozilla:...

Oracle Linux 9 : thunderbird (ELSA-2023-1407)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-1407 advisory. 102.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.9.0-1 - Update to 102.9.0 build1 Tenable has...

CVE-2023-1407

creationtimestamp| type| source ---|---|--- 2023-03-15 22:17:38+00:00| seen| https://t.me/cibsecurity/60041...