115 matches found

Nuclei
added yesterday, 38 views

Imgproxy < 3.14.0 - Cross-site Scripting (XSS)

Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0. id: CVE-2023-1496 info: name: Imgproxy 3.14.0 - Cross-site Scripting XSS author: pdteam severity: medium description: Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to...

CVSS 6.5, AI score 6.4, EPSS 0.39772
Exploits 1, References 2

CVE
added 2026/03/27 2:14 p.m., 5 views

CVE-2026-1496

Coverity Connect CLI authentication bypass (CVE-2026-1496) affects vulnerable versions of Coverity Connect. The root cause is a missing error handler in the authentication logic for command line tooling, enabling an attacker with access to the /token endpoint to craft a request that bypasses auth...

CVSS 9.3, AI score 5.8, EPSS 0.00096
Exploits 0, References 4

OSV
added 2026/01/29 10:21 a.m., 4 views

RHSA-2026:1496 Red Hat Security Advisory: openssl security update

Bulletin has no description...

CVSS 9.8, AI score 5.8, EPSS 0.02889
Exploits 7, References 15

EUVD
added 2026/01/08 4:19 p.m., 6 views

EUVD-2026-1496

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BuddyDev MediaPress allows Stored XSS. This issue affects MediaPress: from n/a through 1.6.2...

CVSS 6.5, AI score 5.5, EPSS 0.00064
Exploits 0, References 2

RedhatCVE
added 2026/01/07 9:18 a.m., 16 views

CVE-2025-1496

Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot allows Password Brute Forcing, Authentication Abuse. This issue affects Coslat Hotspot: before 6.26.0.R.20250227...

CVSS 6.5, AI score 7.3, EPSS 0.00135
Exploits 0, References 1

CVE
added 2025/03/20 1:30 p.m., 51 views

CVE-2025-1496

The CVE-2025-1496 entry concerns BG-TEK Coslat Hotspot with an improper restriction of excessive authentication attempts, enabling password brute forcing and authentication abuse. Affected product: Coslat Hotspot before version 6.26.0.R.20250227. Root cause described as insufficient protection ag...

CVSS 6.5, AI score 6.5, EPSS 0.00135
Exploits 0, References 2

Vulnrichment
added 2025/03/20 1:30 p.m., 10 views

CVE-2025-1496 Improper Authentication in BG-TEK's Coslat Hotspot

Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot allows Password Brute Forcing, Authentication Abuse. This issue affects Coslat Hotspot: before 6.26.0.R.20250227...

CVSS 6.5, AI score 6.5, EPSS 0.00135
Exploits 0, References 2

Tenable Nessus
added 2024/03/25 12:0 a.m., 40 views

RHEL 8 : thunderbird (RHSA-2024:1496)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1496 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.9.0. Security Fixes: nss:...

CVSS 8.8, AI score 7.7, EPSS 0.01767
Exploits 5, References 21

Circl
added 2024/03/08 2:21 p.m., 0 views

CVE-2024-1496

creationtimestamp| type| source ---|---|--- 2024-03-08 14:21:57+00:00| seen| https://t.me/ctinow/203333...

CVSS 6.4, AI score 7.2, EPSS 0.00219
Exploits 0, References 1

CVE
added 2024/02/20 6:56 p.m., 49 views

CVE-2024-1496

CVE-2024-1496 affects the WordPress plugin “Featured Image from URL (FIFU)”. The vulnerability is a Stored Cross-Site Scripting (XSS) via the fifu_input_url parameter, in all versions up to 4.6.2. With contributor+ privileges, an authenticated attacker can inject scripts that execute when users v...

CVSS 6.4, AI score 6.1, EPSS 0.00219
Exploits 0, References 3, Affected Software 1

Patchstack
added 2024/02/20 12:0 a.m., 5 views

WordPress Featured Image from URL Plugin <= 4.6.2 is vulnerable to Cross Site Scripting (XSS)

Software Featured Image from URL Type Plugin Vulnerable versions = 4.6.2 Fixed in 4.6.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1496 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f0a73358e107 Credits Nikolas Required...

CVSS 6.4, AI score 5.7, EPSS 0.00219
Exploits 0, References 3, Affected Software 1

Circl
added 2023/03/19 7:33 p.m., 3 views

CVE-2023-1496

creationtimestamp| type| source ---|---|--- 2023-03-19 19:33:23+00:00| seen| https://t.me/cibsecurity/60290 2025-02-26 20:24:57+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5603 2025-07-07 14:10:08+00:00| seen|...

CVSS 6.5, AI score 6.4, EPSS 0.39772
Exploits 1, References 3

NVD
added 2023/03/19 5:15 p.m., 13 views

CVE-2023-1496

Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0...

CVSS 6.5, AI score 5.4, EPSS 0.39772
Exploits 1, References 2

CVE
added 2023/03/19 12:0 a.m., 94 views

CVE-2023-1496

CVE-2023-1496 affects the Imgproxy project prior to version 3.14.0, where a reflected Cross-site Scripting (XSS) vulnerability exists in imgproxy/imgproxy. The root cause is reflected XSS in the web interface, allowing an attacker to execute arbitrary JavaScript in the victim’s browser. Reported ...

CVSS 6.5, AI score 5.4, EPSS 0.39772
Exploits 1, References 2, Affected Software 1

Cvelist
added 2023/03/19 12:0 a.m., 14 views

CVE-2023-1496 Cross-site Scripting (XSS) - Reflected in imgproxy/imgproxy

Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0...

CVSS 6.5, AI score 5.5, EPSS 0.39772
Exploits 1, References 2

UbuntuCve
added 2022/07/26 10:15 p.m., 38 views

CVE-2022-1496

Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction...

CVSS 8.8, AI score 7.3, EPSS 0.00805
Exploits 1, References 1

CVE
added 2022/07/26 9:34 p.m., 159 views

CVE-2022-1496

CVE-2022-1496 : Use-after-free in File Manager of Google Chrome before 101.0.4951.41 can allow a remote attacker to potentially exploit heap corruption via specific and direct user interaction. Affected product: Google Chrome/Chromium File Manager. Root cause: use-after-free vulnerability in File...

CVSS 8.8, AI score 8.9, EPSS 0.00805
Exploits 1, References 3, Affected Software 1

AlpineLinux
added 2022/07/26 9:34 p.m., 53 views

CVE-2022-1496

Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction...

CVSS 8.8, AI score 9.1, EPSS 0.00805
Exploits 1

Debian CVE
added 2022/07/26 9:34 p.m., 41 views

CVE-2022-1496

Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction...

CVSS 8.8, AI score 9.7, EPSS 0.00805
Exploits 1

OpenVAS
added 2022/05/03 12:0 a.m., 21 views

Mageia: Security Advisory (MGASA-2022-0158)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8, AI score 7, EPSS 0.01123
Exploits 23, References 4