CVE-2026-1449

creationtimestamp| type| source ---|---|--- 2026-01-27 03:52:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdeuadas2b23...

CVE-2026-1449 Hisense TransTech Smart Bus Management System TireMng.aspx Page_Load sql injection

A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function PageLoad of the file YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx. Executing a manipulation of the argument key can lead to sql injection. It is possible to launch the attack...

CVE-2026-1449

CVE-2026-1449 affects Hisense TransTech Smart Bus Management System up to 20260113. The vulnerability is in YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx, Page_Load, where manipulation of the request argument key can trigger a SQL injection. Remote exploitation is possible, and an exploit h...

EUVD-2026-1449

A security vulnerability has been detected in code-projects Intern Membership Management System 1.0. This issue affects some unknown processing of the file /intern/admin/deleteadmin.php. Such manipulation of the argument adminid leads to sql injection. The attack may be launched remotely. The...

Linux Distros Unpatched Vulnerability : CVE-2023-1449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gfav1resetstate of...

CVE-2024-1449

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's msslide shortcode in all versions up to, and including, 3.9.10 due to insufficient input sanitization and output escaping on the 'src' user supplied attributes. This make...

CVE-2020-1449

A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file, aka 'Microsoft Project Remote Code Execution Vulnerability'...

CVE-2019-1449

A security feature bypass vulnerability exists in the way that Office Click-to-Run C2R components handle a specially crafted file, which could lead to a standard user, any AppContainer sandbox, and Office LPAC Protected View to escalate privileges to SYSTEM.To exploit this bug, an attacker would...

CVE-2025-1449 Admin Shell Access Vulnerability in Rockwell Automation Verve Asset Manager

A vulnerability exists in the Rockwell Automation Verve Asset Manager due to insufficient variable sanitizing. A portion of the administrative web interface for Verve's Legacy Agentless Device Inventory ADI capability deprecated since the 1.36 release allows users to change a variable with...

CVE-2025-1449

CVE-2025-1449 concerns Rockwell Automation Verve Asset Manager. Technical details from PT-2025-12814 show the vulnerability affects Verve Asset Manager versions 1.39 and earlier, caused by insufficient variable sanitizing in the administrative web interface for the Legacy Agentless Device Invento...

CVE-2025-1449 Admin Shell Access Vulnerability in Rockwell Automation Verve Asset Manager

A vulnerability exists in the Rockwell Automation Verve Asset Manager due to insufficient variable sanitizing. A portion of the administrative web interface for Verve's Legacy Agentless Device Inventory ADI capability deprecated since the 1.36 release allows users to change a variable with...

CVE-2025-1449

creationtimestamp| type| source ---|---|--- 2025-03-25 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-084-02 2025-03-31 16:33:27+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9701 2025-03-31 16:44:25+00:00| seen|...

CVE-2024-1449

creationtimestamp| type| source ---|---|--- 2024-03-02 13:27:03+00:00| seen| https://t.me/ctinow/198350 2024-03-02 13:31:59+00:00| seen| https://t.me/ctinow/198355...

CVE-2024-1449

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's msslide shortcode in all versions up to, and including, 3.9.10 due to insufficient input sanitization and output escaping on the 'src' user supplied attributes. This make...

CVE-2024-1449

CVE-2024-1449 relates to the Master Slider – Responsive Touch Slider WordPress plugin. It is vulnerable to a Stored Cross-Site Scripting (XSS) via the ms_slide shortcode in all versions up to and including 3.9.5, caused by insufficient input sanitization and output escaping on user-supplied attri...

CVE-2024-1449 Master Slider – Responsive Touch Slider <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's msslide shortcode in all versions up to, and including, 3.9.10 due to insufficient input sanitization and output escaping on the 'src' user supplied attributes. This make...

CVE-2019-1449

creationtimestamp| type| source ---|---|--- 2024-02-13 08:56:19+00:00| seen| https://t.me/ctinow/183659...

Oracle Linux 5 : python (ELSA-2011-0027)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0027 advisory. - Resolves: CVE-2010-1634 CVE-2010-2089 - Related: CVE-2008-5983 - Rework rgbimgmodule fix for CVE-2008-3143 - Resolves: rhbz644425 CVE-2009-4134...

CVE-2023-1449

creationtimestamp| type| source ---|---|--- 2023-03-17 11:36:38+00:00| seen| https://t.me/cibsecurity/60235...

CVE-2023-1449

CVE-2023-1449 affects the GPAC suite (GPAC 2.3-DEV-rev35-gbbca86917-master). The vulnerability targets the function gf_av1_reset_state in media_tools/av_parsers.c and leads to a double free. Exploitation is local and has been disclosed publicly. A patch is recommended to fix the issue (VDB-223294).