244 matches found
MiracleLinux 3 : dnsmasq-2.45-1AXS3.1.1 (AXBA:2008-315:02)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXBA:2008-315:02 advisory. - The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server...
MiracleLinux 4 : libvirt-0.10.2-29.5.0.1.AXS4 (AXSA:2014-076:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-076:01 advisory. Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the...
EUVD-2026-1447
SQL Injection is present on the hfInventoryDistFormID parameter in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34. Unsanitized user input is incorporated directly into SQL queries without proper parameterization or escaping...
CVE-2024-1447
The Sydney Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aThemes Slider button element in all versions up to, and including, 1.25 due to insufficient input sanitization and output escaping on user supplied link. This makes it possible for authenticated...
CVE-2023-1447
A vulnerability, which was classified as problematic, has been found in SourceCodester Medicine Tracker System 1.0. Affected by this issue is some unknown functionality of the file app/?page=medicines/managemedicine. The manipulation of the argument name/description with the input leads to cross...
CVE-2020-1447
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1448...
CVE-2025-1447 kasuganosoras Pigeon index.php server-side request forgery
A vulnerability was found in kasuganosoras Pigeon 1.0.177. It has been declared as critical. This vulnerability affects unknown code of the file /pigeon/imgproxy/index.php. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. Upgrading t...
openSUSE Security Advisory (SUSE-SU-2024:1447-1)
The remote host is missing an update for the...
CVE-2024-1447
creationtimestamp | type | source
---|---|---
2024-03-09 01:31:54+00:00 | seen | https://t.me/ctinow/203711
2025-02-13 17:09:44+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/4270
2025-02-14 10:08:11+00:00 | seen | Telegram/b8E8TH72YmyVkLLjnYboKVwa-YsakME-IzRjwWBadyasl2MG...
WordPress Sydney Toolbox Plugin <= 1.25 is vulnerable to Cross Site Scripting (XSS)
Software: Sydney Toolbox; Type: Plugin; Vulnerable versions: <= 1.25; Fixed in: 1.26; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-1447; Patch priority: Low; CVSS severity: Low (6.5); PSID: 84b6e924cbb5; Credits: Webbernaut; Required privile...
CVE-2024-1447 Sydney Toolbox <= 1.25 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Sydney Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aThemes Slider button element in all versions up to, and including, 1.25 due to insufficient input sanitization and output escaping on user supplied link. This makes it possible for authenticated...
CVE-2024-1447
The Sydney Toolbox WordPress plugin (up to version 1.25) is vulnerable to stored XSS via the aThemes Slider button, caused by insufficient input sanitization and output escaping of user-supplied links. Authenticated attackers with contributor-level permissions can inject scripts that execute when...
CVE-2019-1447
creationtimestamp | type | source
---|---|---
2024-02-13 08:26:52+00:00 | seen | https://t.me/ctinow/183655...
Security Bulletin: Multiple security vulnerabilities have been identified in GSKit, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2018-1447).
Summary: GSKit is shipped with IBM Tivoli Network Manager IP Edition. Information about security vulnerabilities affecting GSKit has been published here. Vulnerability Details: CVEID: CVE-2018-1447 DESCRIPTION: The GSKit CMS KDB logic fails to salt the hash function resulting in weaker than expecte...
CVE-2023-1447
creationtimestamp | type | source
---|---|---
2023-03-17 11:36:45+00:00 | seen | https://t.me/cibsecurity/60240...
CVE-2023-1447
CVE-2023-1447 affects SourceCodester Medicine Tracker System 1.0. A cross-site scripting vulnerability exists in the endpoint app/?page=medicines/manage_medicine, triggered by manipulating the name/description argument with input like . The issue can be exploited remotely against an unknown funct...
K8938: BIND DNS cache poisoning vulnerability - CVE-2008-1447 - VU#800113
Security Advisory Description. Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
SUSE CVE-2014-1448
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-1447. Reason: This candidate is a reservation duplicate of CVE-2014-1447. Only one candidate was needed for the disclosure in question. Notes: All CVE users should reference CVE-2014-1447 instead of this candidate. All references and...
Security Bulletin: Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for Unix
Summary: There are multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for Unix. IBM Spectrum Protect Snapshot for Unix has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL coul...
Security Bulletin: Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for VMware
Summary: There are multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for VMware. IBM Spectrum Protect Snapshot for VMware has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL...