CVE-2009-1537

creationtimestamp| type| source ---|---|--- 2026-05-20 18:00:02+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/675f3e40-1b20-4f43-8a01-57264171ed3f 2026-05-20 21:13:36+00:00| seen| https://infosec.exchange/users/secdb/statuses/116608677530202595 2026-05-2...

Amazon Linux 2023 : tigervnc, tigervnc-icons, tigervnc-license (ALAS2023-2026-1537)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1537 advisory. In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions. CVE-2026-34352...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2026-1537)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 7 : python (ELSA-2026-1537)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1537 advisory. 2.7.5-94.0.3 - Fix for CVE-2025-12084 Orabug: 38902314 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.AXS4 (AXSA:2013-428:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-428:03 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2013-0401 The Java Runtime Environment JRE component in Oracle Java SE ...

EUVD-2026-1537

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in brandexponents Oshine oshin allows PHP Local File Inclusion.This issue affects Oshine: from n/a through = 7.2.7...

Linux Distros Unpatched Vulnerability : CVE-2022-1537

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. Thi...

SUSE: Security Advisory (SUSE-SU-2025:1537-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-1537

creationtimestamp| type| source ---|---|--- 2025-02-27 17:25:22+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5726...

CVE-2025-1537

A vulnerability was found in Harpia DiagSystem 12. It has been rated as critical. This issue affects some unknown processing of the file /diagsystem/PACS/atualatendimentojpeg.php. The manipulation of the argument codexame leads to sql injection. The attack may be initiated remotely. The exploit h...

CVE-2025-1537 Harpia DiagSystem atualatendimento_jpeg.php sql injection

A vulnerability was found in Harpia DiagSystem 12. It has been rated as critical. This issue affects some unknown processing of the file /diagsystem/PACS/atualatendimentojpeg.php. The manipulation of the argument codexame leads to sql injection. The attack may be initiated remotely. The exploit h...

CVE-2025-1537

Harpia DiagSystem 12 is affected by a remotely exploitable SQL injection vulnerability in the /diagsystem/PACS/atualatendimento_jpeg.php endpoint, triggered by manipulating the codexame parameter. The issue has been publicly disclosed and the vendor has not responded. No additional remediation de...

CVE-2025-1537 Harpia DiagSystem atualatendimento_jpeg.php sql injection

A vulnerability was found in Harpia DiagSystem 12. It has been rated as critical. This issue affects some unknown processing of the file /diagsystem/PACS/atualatendimentojpeg.php. The manipulation of the argument codexame leads to sql injection. The attack may be initiated remotely. The exploit h...

CVE-2024-1537

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Data Table widget in all versions up to, and including, 5.9.9 due to insufficient input sanitization and output...

CVE-2024-1537

CVE-2024-1537 impacts the WordPress plugin Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders. The vulnerability is a Stored Cross-Site Scripting (XSS) in the plugin’s Data Table widget, caused by insufficient input sanitization and output escaping on ...

WordPress Essential Addons for Elementor Plugin <= 5.9.9 is vulnerable to Cross Site Scripting (XSS)

Software Essential Addons for Elementor Type Plugin Vulnerable versions = 5.9.9 Fixed in 5.9.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1537 Patch priority Low CVSS severity Low 6.5 Developer WPDeveloper PSID 760e9ecbd984 Credits wesley wcraf...

Rocky Linux 8 : gzip (RLSA-2022:1537)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1537 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted fi...

Debian: Security Advisory (DLA-3383-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-3383 : grunt - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3383 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3383-1 [email protected] https://www.debian.org/lts/security/...

CVE-2023-1537

Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6...