CVE-2026-1418

creationtimestamp| type| source ---|---|--- 2026-01-26 07:24:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdcpmbrn5j2c...

CVE-2026-1418 GPAC SRT Subtitle Import text_to_bifs.c gf_text_import_srt_bifs out-of-bounds write

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

CVE-2026-1418

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

EUVD-2017-1418

Malware in sbrugna...

CVE-2025-1418

A low-privileged user can access information about profiles created in Proget MDM Mobile Device Management, which contain details about allowed/prohibited functions. The profiles do not reveal any sensitive information including their usage in connected devices. This issue has been fixed in 2.17....

CVE-2023-1418

A vulnerability classified as problematic was found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file cashconfirm.php of the component POST Parameter Handler. The manipulation of the argument...

CVE-2020-1418

An elevation of privilege vulnerability exists when the Windows Diagnostics Execution Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1393...

CVE-2011-1418

The stateless address autoconfiguration aka SLAAC functionality in the IPv6 networking implementation in Apple iOS before 4.3 and Apple TV before 4.2 places the MAC address into the IPv6 address, which makes it easier for remote IPv6 servers to track users by logging source IPv6 addresses...

CVE-2025-1418

A low-privileged user can access information about profiles created in Proget MDM Mobile Device Management, which contain details about allowed/prohibited functions. The profiles do not reveal any sensitive information including their usage in connected devices. This issue has been fixed...

CVE-2025-1418

CVE-2025-1418 affects the Proget MDM server (Konsola Proget). A low-privileged user could read information about profiles (which describe allowed/prohibited functions). The issue does not expose sensitive data about devices in the initial description, but it leaks profile metadata. The entry is f...

CVE-2025-1418 Information disclosure in Proget MDM

A low-privileged user can access information about profiles created in Proget MDM Mobile Device Management, which contain details about allowed/prohibited functions. The profiles do not reveal any sensitive information including their usage in connected devices. This issue has been fixed...

Linux Distros Unpatched Vulnerability : CVE-2003-1418

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via 1 the ETag header, which reveals the inode numbe...

CVE-2024-1418

The CGC Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2 via the REST API. This makes it possible for unauthenticated attackers to view protected posts via REST API even when maintenance mode is enabled...

CVE-2024-1418

CVE-2024-1418 affects the CGC Maintenance Mode plugin for WordPress. According to connected sources, versions up to and including 1.2 are vulnerable to sensitive information exposure via the REST API, allowing unauthenticated attackers to view protected posts while maintenance mode is enabled. Th...

WordPress CGC Maintenance Mode Plugin <= 1.2 is vulnerable to Sensitive Data Exposure

Software CGC Maintenance Mode Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-1418 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 575ccf77d707 Credits Francesco Carlucci Requir...

CVE-2023-1418

creationtimestamp| type| source ---|---|--- 2023-05-04 11:26:23+00:00| seen| https://t.me/cibsecurity/60067...

CVE-2023-1418

CVE-2023-1418 affects SourceCodester Friendly Island Pizza Website and Ordering System 1.0, due to a cross-site scripting (XSS) vulnerability in the file cashconfirm.php within the POST Parameter Handler . The issue arises from manipulation of the transactioncode argument, enabling remote exploit...

SUSE CVE-2008-1418

unknown...

CVE-2022-1418

creationtimestamp| type| source ---|---|--- 2022-05-16 18:26:26+00:00| seen| https://t.me/cibsecurity/42734...

CVE-2022-1418

CVE-2022-1418 affects the WordPress Social Stickers plugin up to version 2.2.9. The issue is a lack of CSRF protection when updating its Social Network settings and insufficient escaping of certain fields, enabling a logged-in admin to modify settings in a way that could trigger Stored Cross-Site...