143 matches found
Joomla! Component Advertising 0.25 - Local File Inclusion
A directory traversal vulnerability in the Advertising comadvertising component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1473 info: name: Joomla! Component...
CVE-2026-1473
creationtimestamp| type| source ---|---|--- 2026-01-27 19:59:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdgkblitn626...
CVE-2026-1473
An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario’ in '/evaluacioncompetenciasevalua.aspx', could allow an attacker to extract...
MiracleLinux 7 : glibc-2.17-105.el7 (AXSA:2015-569:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-569:01 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as t...
CVE-2005-1473
SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field...
CVE-2001-1473
creationtimestamp| type| source ---|---|--- 2025-07-29 21:00:04+00:00| published-proof-of-concept| Telegram/ujDzFFrET3ZH5xQdQMIqDWCAd6Ask0YbS48UdaKK1nCHgf0...
CVE-2023-1473
The Slider, Gallery, and Carousel by MetaSlider WordPress plugin 3.29.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2015-1473 affecting package dietlibc for versions less than 0.34-7
CVE-2015-1473 affecting package dietlibc for versions less than 0.34-7. A patched version of the package is available...
CVE-2025-1473
A Cross-Site Request Forgery CSRF vulnerability exists in the Signup feature of mlflow/mlflow versions 2.17.0 to 2.20.1. This vulnerability allows an attacker to create a new account, which may be used to perform unauthorized actions on behalf of the malicious user...
api-python-bet-project (>=0.1.9 <=0.1.22), argosml (>=0.0.1 <=0.1.3) +33 more potentially affected by CVE-2025-1473 via mlflow (>=2.17.0 <=2.20.2)
mlflow PYPI version =2.17.0, =0.1.9, =0.0.1, =1.0.6, =1.9.23, =0.1.0, =0.0.10, =1.1.5, =0.1.2370984012, =1.6.0, =0.14.0, =0.14.0, =0.14.0, =0.1.1, =0.1.2 and more Source cves: CVE-2025-1473 Source advisory: OSV:GHSA-969W-GQQR-G6J3...
CVE-2025-1473
A Cross-Site Request Forgery CSRF vulnerability exists in the Signup feature of mlflow/mlflow versions 2.17.0 to 2.20.1. This vulnerability allows an attacker to create a new account, which may be used to perform unauthorized actions on behalf of the malicious user...
CVE-2025-1473
A Cross-Site Request Forgery CSRF vulnerability exists in the Signup feature of mlflow/mlflow versions 2.17.0 to 2.20.1. This vulnerability allows an attacker to create a new account, which may be used to perform unauthorized actions on behalf of the malicious user...
CVE-2025-1473
In MLflow (mlflow/mlflow), a CSRF vulnerability affects versions 2.17.0 to 2.20.1 in the Signup feature, allowing an attacker to create a new account and potentially perform unauthorized actions on behalf of the attacker’s account. The CVE-2025-1473 entry documents the flaw and its impact as Cros...
Linux Distros Unpatched Vulnerability : CVE-2013-1473
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to...
Linux Distros Unpatched Vulnerability : CVE-2011-1473
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it...
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
Huawei EulerOS: Security Advisory for mozjs60 (EulerOS-SA-2024-1473)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-1473
The Coming Soon & Maintenance Mode by Colorlib plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.99 via the REST API. This makes it possible for unauthenticated attackers to obtain post and page contents via REST API thus bypassing maintenance mo...
CVE-2024-1473 Coming Soon & Maintenance Mode by Colorlib <= 1.0.99 - Information Exposure
The Coming Soon & Maintenance Mode by Colorlib plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.99 via the REST API. This makes it possible for unauthenticated attackers to obtain post and page contents via REST API thus bypassing maintenance mo...
CVE-2024-1473
CVE-2024-1473 affects the Colorlib Coming Soon & Maintenance Mode plugin for WordPress. The vulnerability allows Information Exposure via the REST API in all versions up to and including 1.0.99, enabling unauthenticated attackers to obtain post/page contents and bypass maintenance mode protection...