64 matches found
CVE-2025-14866
creationtimestamp| type| source
---|---|---
2026-01-23 13:44:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3md3thhh65x2x
2026-01-23 14:16:49+00:00| seen| https://gist.github.com/Darkcrai86/095bde1b1a9552b664f505a2fc8ac18d
2026-01-23 14:18:53+00:00| seen|...
CVE-2025-14866
The Melapress Role Editor plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.1. This is due to a misconfigured capability check on the 'savesecondaryrolesfield' function. This makes it possible for authenticated attackers, with Subscriber-level...
MiracleLinux 8 : cpio-2.12-10.el8 (AXSA:2021-1794:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1794:01 advisory. cpio: improper input validation when writing tar header fields leads to unexpected tar generation CVE-2019-14866 Tenable has extracted the preceding...
Siemens Ruggedcom ROX Improper Input Validation (CVE-2019-14866)
All versions of cpio before 2.13 do not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have...
EUVD-2021-21546
Malware in sbrugna...
CVE-2018-14866
Incorrect access control in the TransientModel framework in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated attackers to access data in transient records that they do not own by making an RPC call before garbage collection occurs...
Linux Distros Unpatched Vulnerability : CVE-2017-14866
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - There is a heap-based buffer overflow in the Exiv2::s2Data function of types.cpp in Exiv2 0.26. A crafted input will lead to a denial of service attack...
RHEL 6 : cpio (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cpio: improper input validation when writing tar header fields leads to unexpected tar generation...
CVE-2019-14866
creationtimestamp| type| source
---|---|---
2024-03-19 20:47:00+00:00| seen| https://t.me/ctinow/211922...
Rocky Linux 8 : cpio (RLSA-2021:1582)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1582 advisory. - All versions of cpio before 2.13 do not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an...
[SECURITY] [DLA 3445-1] cpio security update
-------------------------------------------------------------------------
Debian LTS Advisory DLA-3445-1 [email protected]
https://www.debian.org/lts/security/ Adrian Bunk
June 04, 2023 https://wiki.debian.org/LTS
-...
NewStart CGSL MAIN 6.02 : cpio Vulnerability (NS-SA-2022-0059)
The remote NewStart CGSL host, running version MAIN 6.02, has cpio packages installed that are affected by a vulnerability: - All versions of cpio before 2.13 do not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker ca...
AlmaLinux 8 : cpio (ALSA-2021:1582)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2021:1582 advisory. - All versions of cpio before 2.13 do not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
CVE-2021-34899
Bentley View 10.15.0.75 is vulnerable to a remote code execution through out-of-bounds writes while parsing JT files. Crafted JT data can trigger a write past the end of an allocated buffer, allowing an attacker to execute code in the context of the victim process. User interaction is required (v...
Moderate: Red Hat Security Advisory: cpio security update
An update for cpio is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...
NewStart CGSL CORE 5.05 / MAIN 5.05 : cpio Vulnerability (NS-SA-2021-0169)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has cpio packages installed that are affected by a vulnerability: - All versions of cpio before 2.13 do not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an...
mysql:8.0 security, bug fix, and enhancement update
An update is available for mecab-ipadic, mecab, mysql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. MySQL is a multi-user, multi-threaded SQL database server...
CVE-2020-14866 affecting package mysql 8.0.21-1
CVE-2020-14866 affecting package mysql 8.0.21-1. An upgraded version of the package is available that resolves this issue...
Moderate: Red Hat Security Advisory: cpio security update
An update for cpio is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...