148 matches found
RockyLinux 9 : python3.9 (RLSA-2026:1478)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1478 advisory. cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service (CVE-2025-12084). Tenable has extracted the preceding description block...
CVE-2026-1478
An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameters 'Idusuario' and 'Idevaluacion' in '/evaluacionhcaevalua.aspx' could allow an attacker ...
CVE-2026-1478
creationtimestamp | type | source
---|---|---
2026-01-27 19:14:33+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mdghrjq4un2c...
EUVD-2017-1478
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2025-1478
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 8.13 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input...
CVE-2025-1478
Removed by vendor...
CVE-2025-1478 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 8.13 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in Board Names could be used to trigger a denial of service...
GitLab 8.13 < 17.10.8 / 17.11 < 17.11.4 / 18.0 < 18.0.2 (CVE-2025-1478)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 8.13 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in Board Names could be used to...
CVE-2019-1478
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...
CVE-2015-1478
Cross-site scripting (XSS) vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the view parameter to /classifieds...
CVE-2019-1478
creationtimestamp | type | source
---|---|---
2024-03-09 15:16:26+00:00 | seen | https://t.me/ctinow/203962...
CVE-2024-1478
creationtimestamp | type | source
---|---|---
2024-03-05 03:27:54+00:00 | seen | https://t.me/ctinow/199853...
CVE-2024-1478
CVE-2024-1478 affects the WordPress plugin “Maintenance Mode.” Multiple sources confirm a REST API–driven Sensitive Information Exposure that lets unauthenticated attackers fetch post/page content in versions up to 2.5.0. The vulnerability arises from REST API access bypassing the plugin’s conten...
WordPress Maintenance Mode by helderk Plugin <= 3.0.2 is vulnerable to Sensitive Data Exposure
Software: Maintenance Mode by helderk; Type: Plugin; Vulnerable versions: <= 3.0.2; Fixed in: N/A; OWASP Top 10: A3: Sensitive Data Exposure; Classification: Sensitive Data Exposure; CVE: CVE-2024-1478; Patch priority: Low; CVSS severity: Low (5.3); PSID: f1665efaf959; Credits: Francesco Carluc...
WordPress Hummingbird Plugin < 3.4.2 is vulnerable to Path Traversal
Software: Hummingbird; Type: Plugin; Vulnerable versions: < 3.4.2; Fixed in: 3.4.2; OWASP Top 10: A3: Sensitive Data Exposure; Classification: Path Traversal; CVE: CVE-2023-1478; Patch priority: High; CVSS severity: High (8.6); Developer: WPMU DEV; PSID: 237afa7a6db1; Credits: Karol Mazurek (AFINE); Required privilege...
CVE-2023-1478
creationtimestamp | type | source
---|---|---
2023-04-10 18:35:54+00:00 | seen | https://t.me/cibsecurity/61755...
CVE-2023-1478
CVE-2023-1478 affects the WordPress plugin Hummingbird (pre-3.4.2). The issue is that the plugin does not validate the generated file path for page cache files before writing, causing a path traversal vulnerability in the page cache module. Reported impact in CVSS terms is high (CRITICAL) with un...
CVE-2023-1478 Hummingbird < 3.4.2 - Unauthenticated Path Traversal
The Hummingbird WordPress plugin before 3.4.2 does not validate the generated file path for page cache files before writing them, leading to a path traversal vulnerability in the page cache module...
Security Bulletin: Multiple Security Vulnerabilities in IBM Sterling Control Center
Abstract: A number of security vulnerabilities have been discovered in the Java Runtime Environment and the Cognos Business Intelligence components included in IBM SCC. Content: CVE ID: CVE-2013-1557 DESCRIPTION: Unspecified vulnerability in the Java Runtime Environment (JRE) related to RMI Remote...
CVE-2022-1478
Use after free in SwiftShader in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...