WordPress HTML2WP <=1.0.0 - Arbitrary File Upload

WordPress HTML2WP plugin through 1.0.0 contains an arbitrary file upload vulnerability. The plugin does not perform authorization and CSRF checks when importing files and does not validate them. As a result, an attacker can upload arbitrary files on the remote server. id: CVE-2022-1574 info: name...

CVE-2026-1574

creationtimestamp| type| source ---|---|--- 2026-03-07 10:03:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mghl6mrzwf2z...

CVE-2026-1574 MyQtip – easy qTip2 <= 2.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The MyQtip – easy qTip2 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's myqtip shortcode in all versions up to, and including, 2.0.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

RockyLinux 8 : gimp:2.8 (RLSA-2026:1574)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1574 advisory. gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow CVE-2025-14422 Tenable has extracted the preceding description block directly from the...

RHEL 8 : gimp:2.8 (RHSA-2026:1574)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1574 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including...

AlmaLinux 8 : gimp:2.8 (ALSA-2026:1574)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:1574 advisory. gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow CVE-2025-14422 Tenable has extracted the preceding description block directly from the...

Oracle Linux 8 : gimp:2.8 (ELSA-2026-1574)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1574 advisory. gimp 2:2.8.22-26.4 - fix CVE-2025-14422 pygobject2 pygtk2 python2-pycairo Tenable has extracted the preceding description block directly from the Oracle Linux...

MiracleLinux 4 : firefox-31.2.0-3.0.1.AXS4 (AXSA:2014-595:06)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-595:06 advisory. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed wi...

EUVD-2026-1574

Asseco InfoMedica is a comprehensive solution used to manage both administrative and medical tasks in the healthcare sector. A low privileged user is able to obtain encoded passwords of all other accounts including main administrator due to lack of granularity in access control. Chained...

CVE-2024-1574

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in the licensing feature of Mitsubishi Electric GENESIS64 versions 10.97.2 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.2 and prior, Mitsubishi Electric Hyper Historian versions 10.97.2 a...

CVE-2001-1574

Buffer overflow in 1 HttpSaveCVP.dll and 2 HttpSaveCSP.dll in Trend Micro InterScan VirusWall 3.5.1 allows remote attackers to execute arbitrary code...

CVE-2024-1574

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in the licensing feature of Mitsubishi Electric GENESIS64 versions 10.97.2 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.2 and prior, Mitsubishi Electric Hyper Historian versions 10.97.2 a...

CVE-2024-1574

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in the licensing feature of Mitsubishi Electric GENESIS64 versions 10.97.2 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.2 and prior, Mitsubishi Electric Hyper Historian versions 10.97.2 a...

CVE-2024-1574

CVE-2024-1574 is an Unsafe Reflection vulnerability in the licensing service of ICONICS/Mitsubishi Electric products. Affected: ICONICS GENESIS64 and ICONICS Suite (GENESIS64, Hyper Historian, AnalytiX, MobileHMI) up to version 10.97.2; ICONICS GENESIS32/BizViz lines up to 9.7; MC Works64 all ver...

CVE-2024-1574

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in the licensing feature of Mitsubishi Electric GENESIS64 versions 10.97.2 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.2 and prior, Mitsubishi Electric Hyper Historian versions 10.97.2 a...

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update D)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.0 ATTENTION : Exploitable remotely Vendor : ICONICS, Mitsubishi Electric Equipment : ICONICS Product Suite Vulnerabilities : Allocation of Resources Without Limits or Throttling, Improper Neutralization, Uncontrolled Search Path Element, Improper...

Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2024-1574)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : go1.21 (SUSE-SU-2024:1574-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1574-1 advisory. - On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage o...

RHCOS 4 : OpenShift Container Platform 4.12.54 (RHSA-2024:1574)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1574 advisory. - golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 - golang-protobuf:...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1574)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...