Amazon Linux 2023 : oci-add-hooks (ALAS2023-2026-1575)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1575 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or...
Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2026-1575)
The remote host is missing an update for the Huawei EulerOS...
CVE-2005-1575
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160...
EUVD-2026-1575
When doing SSH-based transfers using either SCP or SFTP, and setting the knownhosts file, libcurl could still mistakenly accept connecting to hosts not present in the specified file if they were added as recognized in the libssh global knownhosts file...
CVE-2003-1575
VERITAS File System VxFS 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9 does not properly implement inheritance of default ACLs in certain circumstances related to the characteristics of a directory inode, which allows local users to bypass intended file permissio...
CVE-2025-1575
A vulnerability classified as problematic has been found in Harpia DiagSystem 12. Affected is an unknown function of the file /diagsystem/PACS/atualatendimento_jpeg.php. The manipulation of the argument cod/codexame leads to improper control of resource identifiers. It is possible to launch the...
CVE-2025-1575
CVE-2025-1575 affects Harpia DiagSystem 12. The vulnerability lies in the file /diagsystem/PACS/atualatendimento_jpeg.php where manipulation of the cod/codexame argument leads to improper control of resource identifiers. It is possible to launch the attack remotely, and public exploitation has be...
CVE-2025-1575 Harpia DiagSystem atualatendimento_jpeg.php resource injection
A vulnerability classified as problematic has been found in Harpia DiagSystem 12. Affected is an unknown function of the file /diagsystem/PACS/atualatendimento_jpeg.php. The manipulation of the argument cod/codexame leads to improper control of resource identifiers. It is possible to launch the...
CVE-2024-20120
In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1575...
CVE-2024-20120
CVE-2024-20120 concerns a bound-check failure in KeyInstall that enables an out-of-bounds write, leading to local privilege escalation with SYSTEM-level execution privileges required and no user interaction needed. Multiple sources (NVD, Red Hat, CVE lists, and vuln enrichment) confirm the issue ...
Storm-1575 Threat Actor Deploys New Login Panels for Phishing Infrastructure
The Storm-1575 group is known for frequently rebranding its phishing infrastructure. Recently, ANY.RUN analysts identified the deployment of…...
CVE-2024-1575
creationtimestamp | type | source
---|---|---
2024-07-23 04:42:08+00:00 | seen | https://t.me/cvedetector/1494...
CVE-2024-1575
The improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70ACGG.3 and earlier versions could allow an authenticated user to escalate privileges and download the configuration files on a vulnerable device...
Tycoon and Storm-1575 Linked to Phishing Attacks on US Schools
By Deeba Ahmed. Tycoon and Storm-1575 threat actors launched targeted spear phishing attacks to bypass MFA protections, targeting officials at large US school districts. This is a post from HackRead.com.
CVE-2023-1575
creationtimestamp | type | source
---|---|---
2023-03-29 18:18:42+00:00 | seen | https://t.me/cibsecurity/61017...
CVE-2023-1575
The CVE-2023-1575 entry describes a Stored XSS flaw in the Mega Main Menu WordPress plugin up to version 2.2.2, stemming from insufficient input sanitization and output escaping. Exploitation requires authenticated admin-level access and affects multisite installs or sites with unfiltered_html di...
CVE-2023-1575 Mega Main Menu <= 2.2.2 - Authenticated (Administrator+) Cross-Site Scripting
The Mega Main Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via some of its settings parameters in versions up to, and including, 2.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2022-1575
creationtimestamp | type | source
---|---|---
2022-05-05 16:55:04+00:00 | seen | https://t.me/cibsecurity/41987...