162 matches found
Huawei EulerOS: Security Advisory for libsodium (EulerOS-SA-2026-1438)
The remote host is missing an update for the Huawei EulerOS...
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1438)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1438 advisory. A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary. CVE-2025-61732 Tenable has extracted the preceding description block directly from...
CVE-2026-1438 Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface
Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker ...
EUVD-2026-1438
Cross-Site Scripting (XSS) is present on the ctl00Content01fieldValue parameters on the /psp/appNet/TemplateOrder/TemplatePreview.aspx endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34. User-supplied input is stored and later rendered in HTML pages without proper output encodi...
CVE-2020-1438
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1373, CVE-2020-1390, CVE-2020-1427, CVE-2020-1428...
CVE-2010-1438
Web Application Finger Printer (WAFP) 0.01-26c3 uses fixed pathnames under /tmp for temporary files and directories, which (1) allows local users to cause a denial of service (application outage) by creating a file with a pathname that the product expects is available for its own internal use, (2) allows...
CVE-2019-1438
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1437...
Linux Distros Unpatched Vulnerability : CVE-2013-1438
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a...
RHEL 5 : dcraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - LibRaw: Index overflow in smal_decode_segment (CVE-2015-8366) - Unspecified vulnerability in dcraw 0.8.x...
RHEL 7 : dcraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libraw: Stack based buffer overflow in the xtrans_interpolate function (CVE-2017-14265) - Unspecified...
CVE-2024-1438
Missing Authorization vulnerability in PressFore Rolo Slider. This issue affects Rolo Slider: from n/a through 1.0.9...
CVE-2024-1438 WordPress Rolo Slider plugin <= 1.0.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in PressFore Rolo Slider. This issue affects Rolo Slider: from n/a through 1.0.9...
Oracle Linux 9 : nodejs (ELSA-2024-1438)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1438 advisory. 1:16.20.2-4.0.1 - reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks Resolves: CVE-2024-22019 Tenable has extracted the precedin...
RHEL 9 : nodejs (RHSA-2024:1438)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1438 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes...
WordPress Rolo Slider Plugin <= 1.0.9 is vulnerable to Settings Change
Software: Rolo Slider; Type: Plugin; Vulnerable versions: <= 1.0.9; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Settings Change; CVE: CVE-2024-1438; Patch priority: High; CVSS severity: High (7.7); PSID: 601d954731d6; Credits: Emili Castells; Required privilege...
CVE-2019-1438
creationtimestamp | type | source
---|---|---
2024-02-13 07:56:17+00:00 | seen | Telegram/nxVYTxe4z1YtfgOAh2tyBwCCH1WUaQ-w4vo2GejDA2Z85D...
CVE-2022-1438
CVE-2022-1438 is an XSS vulnerability in Keycloak where HTML entities are not sanitized during user impersonation. Red Hat advisories (RHSA-2023:1043/1044/1045) fix this issue in Red Hat Single Sign-On 7.6.2 on RHEL 7/8/9. The NVD CVSS data indicates a MEDIUM to HIGH impact depending on the vecto...
RHEL 6 : openssl (RHSA-2023:1438)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1438 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength...