TOTOLINK X6000R 操作系统命令注入漏洞

The TOTOLINK X6000R is a wireless router produced by TOTOLINK, a Chinese company. The versions TOTOLINK X6000R 9.4.0cu.1360B20241207 and 9.4.0cu.1498B20250826 contain an operating system command injection vulnerability. This vulnerability stems from incorrect handling of the parameter Hostname in...

CVE-2026-1723

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1498B20250826...

CVE-2026-1723

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1498B20250826...

CVE-2026-1498

creationtimestamp| type| source ---|---|--- 2026-01-30 15:38:46+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/watchguard-security-advisory-av26-069 2026-02-05 23:40:56+00:00| seen| https://social.tchncs.de/users/gborn/statuses/116020664588285624 2026-02-05 23:40:56+00:00| seen|...

EUVD-2026-1498

Missing Authorization vulnerability in Hakob Re Gallery & Responsive Photo Gallery Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Re Gallery & Responsive Photo Gallery Plugin: from n/a through 1.17.18...

EUVD-2021-1498

Malware in sbrugna...

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management

Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF16 patch Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption...

openSUSE Security Advisory (SUSE-SU-2024:1498-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : thunderbird (RHSA-2024:1498)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1498 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.9.0. Security Fixes: nss:...

CVE-2024-1498

CVE-2024-1498 (Happy Addons for Elementor) is a Stored Cross-Site Scripting vulnerability in the Photo Stack Widget affecting all versions up to 3.10.3. The issue stems from insufficient input sanitization and output escaping on user-supplied attributes, enabling authenticated attackers with cont...

Oracle Linux 7 : thunderbird (ELSA-2024-1498)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-1498 advisory. 115.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.9.0-1 - Update to...

Security Bulletin: TADDM is vulnerable to a denial of service due to vulnerabilities in Apache HttpClient

Summary Apache HttpClient used by IBM Tivoli Application Dependency Discovery Manager and is vulnerable to CVE-2011-1498, CVE-2012-5783, CVE-2012-6153, CVE-2014-3577,CVE-2015-5262 Vulnerability Details CVEID:CVE-2011-1498 DESCRIPTION: Apache HttpComponents could allow a remote attacker to obtain...

CVE-2023-1498

creationtimestamp| type| source ---|---|--- 2023-03-19 23:33:36+00:00| seen| https://t.me/cibsecurity/60293...

CVE-2023-1498

The CVE-2023-1498 issue affects code-projects Responsive Hotel Site 1.0, specifically the Newsletter Log Handler’s file messages.php. The vulnerability arises from manipulation of the title argument, leading to SQL injection. It can be exploited remotely, and public exploits have been disclosed. ...

CVE-2022-1498

Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2022-1498

CVE-2022-1498 affects Google Chrome/Chromium: Inappropriate implementation in the HTML Parser allowed a remote attacker to leak cross-origin data via a crafted HTML page. The issue is tied to Chrome/Chromium versions prior to 101.0.4951.41. Public references reiter the same description across mul...

ai.api.libai.speech:libai-speech-gcp (>=1.4.6 <=1.6.12), ai.grakn:janus-factory (>=0.17.0 <=0.18.0) +4473 more potentially affected by CVE-2011-1498 via org.apache.httpcomponents:httpclient (>=4.0.1 <=4.1-beta1)

org.apache.httpcomponents:httpclient MAVEN version =4.0.1, =1.4.6, =0.17.0, =0.2.3.5, =0.2.3.5, =3.14.0.1, =3.8.2.4, =0.2.3.5, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.10.5.1, =3.10.4.1, =3.10.4.1, =3.20.0.1, =3.32.1.5 and more Source cves: CVE-2011-1498 Source advisory: OSV:GHSA-GW85-4GMF-M7RH...

Mageia: Security Advisory (MGASA-2022-0158)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-1498

creationtimestamp| type| source ---|---|--- 2021-10-08 16:50:48+00:00| exploited| Telegram/t56b3Q9Pzy6RNlSuP7aXlCGnrtD6ypfrASOXqro 2021-10-08 16:50:51+00:00| seen| https://t.me/anwar1213xx/979...