110 matches found
Solstice::Session Security Vulnerability
Solstice::Session is a server-side session component developed by MCRAWFOR’s developers, used to manage user sessions and request states. Versions of Solstice::Session prior to 1440 contained security vulnerabilities, which stemmed from insecure session ID generation, potentially allowing attacke...
CVE-2025-1440
The Advanced iFrame plugin for WordPress is vulnerable to unauthorized excessive creation of options on the aip_map_url_callback function in all versions up to, and including, 2024.5 due to insufficient restrictions. This makes it possible for unauthenticated attackers to update the...
CVE-2013-1440

creationtimestamp | type | source
---|---|---
2025-06-27 00:57:08+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lskgo6t4nh2p...

CVE-2012-1440
The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified identsize field. NOTE: this may later be SPLIT into...
CVE-2019-1440
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1436...
CVE-2025-1440

creationtimestamp | type | source
---|---|---
2025-03-26 10:25:17+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/8820
2025-03-26 12:12:41+00:00 | seen | https://t.me/cvedetector/21155...

CVE-2025-1440
CVE-2025-1440 concerns the WordPress plugin Advanced iFrame. The Red Hat entry confirms the issue: in all versions up to 2024.5, the aip_map_url_callback() function has insufficient restrictions, enabling unauthorized creation of options. This allows unauthenticated attackers to update the advanc...
CVE-2025-1440 Advanced iFrame <= 2024.5 - Unauthenticated Settings Update
The Advanced iFrame plugin for WordPress is vulnerable to unauthorized excessive creation of options on the aip_map_url_callback function in all versions up to, and including, 2024.5 due to insufficient restrictions. This makes it possible for unauthenticated attackers to update the...
CVE-2022-1440
Command Injection vulnerability in [email protected] in GitHub repository yarkeev/git-interface prior to 2.1.2. If both are provided by user input, then the use of a --upload-pack command-line argument feature of git is also supported for git clone, which would then allow for any operating syst...
CVE-2021-1440

creationtimestamp | type | source
---|---|---
2024-11-18 15:36:23+00:00 | seen | https://infosec.exchange/users/cve/statuses/113504693971527021
2025-09-25 00:36:28+00:00 | seen | MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51...

CVE-2019-1440

creationtimestamp | type | source
---|---|---
2024-02-13 08:26:47+00:00 | seen | https://t.me/ctinow/183650...

Important: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
CVE-2023-1440

creationtimestamp | type | source
---|---|---
2023-03-17 11:36:22+00:00 | seen | https://t.me/cibsecurity/60223...

CVE-2023-1440
CVE-2023-1440 affects SourceCodester Automatic Question Paper Generator System 1.0, specifically the GET Parameter Handler in the file users/user/manage_user.php. The vulnerability arises from manipulation of the id argument, resulting in SQL injection. It can be exploited remotely, and public di...
CentOS 7 : java-11-openjdk (RHSA-2022:1440)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1440 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affecte...
SUSE: Security Advisory (SUSE-SU-2022:1440-1)
The remote host is missing an update for the...
gitboost (>=0.0.5 <=0.0.6) potentially affected by CVE-2022-1440 via git-interface (=0.1.9)
git-interface NPM version =0.1.9 is affected by a known vulnerability. The following packages have a transitive dependency on git-interface and may be impacted: - gitboost =0.0.5, =0.0.6 Source cves: CVE-2022-1440 Source advisory: OSV:GHSA-QFFW-8WG7-H665...
CVE-2022-1440

creationtimestamp | type | source
---|---|---
2022-04-22 22:27:58+00:00 | seen | https://t.me/cibsecurity/41342...

CVE-2022-1440 Command Injection vulnerability in [email protected] in yarkeev/git-interface
Command Injection vulnerability in [email protected] in GitHub repository yarkeev/git-interface prior to 2.1.2. If both are provided by user input, then the use of a --upload-pack command-line argument feature of git is also supported for git clone, which would then allow for any operating syst...
CVE-2022-1440
CVE-2022-1440 affects git-interface in yarkeev/git-interface prior to 2.1.2. The root cause is lack of input filtering for the git clone path and the --upload-pack argument, enabling command execution on the host when both the remote and destination are provided by user input. Consequences descri...