CVE-2026-1585

creationtimestamp| type| source ---|---|--- 2026-03-03 00:30:00+00:00| seen| https://jvn.jp/en/vu/JVNVU99676444/...

CVE-2026-1585

An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the affected service...

MiracleLinux 3 : firefox-3.6.14-4.0.1.AXS3; xulrunner-1.9.2.14-4.0.1.AXS3 (AXSA:2011-75:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-75:01 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this release...

MiracleLinux 4 : firefox-3.6.14-4.0.1.AXS4, xulrunner-1.9.2.14-3.0.1.AXS4 (AXSA:2011-93:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-93:01 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. XULRunner provides the XUL Runtime...

CVE-2025-1585

A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file src/main/resources/templates/themes/default/partial/header.html. The manipulation of the argument logourl leads to cross site scripting. The...

ROOT-OS-DEBIAN-12-CVE-2016-1585 CVE-2016-1585 in rootio-apparmor - Patched by Root

Root has patched CVE-2016-1585 in the rootio-apparmor package for Root:Debian:12. Multiple fixed versions available...

CVE-2022-1585

The Project Source Code Download WordPress plugin through 1.0.0 does not protect its backup generation and download functionalities, which may allow any visitors on the site to download the entire site, including sensitive files like wp-config.php...

CBL Mariner 2.0 Security Update: CBL-Mariner Releases / apparmor (CVE-2016-1585)

The version of CBL-Mariner Releases / apparmor installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2016-1585 advisory. - In all versions of AppArmor mount rules are accidentally widened when compiled...

Linux Distros Unpatched Vulnerability : CVE-2016-1585

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of AppArmor mount rules are accidentally widened when compiled. CVE-2016-1585 Note that Nessus relies on the presence of the package as reported...

Linux Distros Unpatched Vulnerability : CVE-2014-1585

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 do...

CVE-2025-1585

creationtimestamp| type| source ---|---|--- 2025-02-23 14:21:36+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5093 2025-02-23 16:27:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3liuatiiv3t2k 2025-02-23 17:38:06+00:00| seen|...

CVE-2025-1585

A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file src/main/resources/templates/themes/default/partial/header.html. The manipulation of the argument logourl leads to cross site scripting. The...

CVE-2025-1585 otale header.html OptionsService cross site scripting

A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file src/main/resources/templates/themes/default/partial/header.html. The manipulation of the argument logourl leads to cross site scripting. The...

CVE-2025-1585

Tale Blog (otale tale) up to version 2.0.5 is affected. The vulnerability resides in the OptionsService function (src/main/resources/templates/themes/default/partial/header.html) where manipulating the logo_url argument enables cross-site scripting. The issue can be exploited remotely and the pub...

CVE-2025-1585 otale header.html OptionsService cross site scripting

A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file src/main/resources/templates/themes/default/partial/header.html. The manipulation of the argument logourl leads to cross site scripting. The...

GHSA-96G7-G7G9-JXW8 happy-dom allows for server side code to be executed by a <script> tag

Impact Consumers of the NPM package happy-dom Patches The security vulnerability has been patched in v15.10.2 Workarounds No easy workarounds to my knowledge References 1585...

CVE-2024-1585 Metform Elementor Contact Form Builder <= 3.8.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.8.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-1585

CVE-2024-1585 affects Metform – Elementor Contact Form Builder for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) in shortcode handling, caused by insufficient input sanitization and output escaping on user-supplied attributes. Affected versions are up to 3.8.3; exploitation ...

WordPress Metform Elementor Contact Form Builder Plugin <= 3.8.3 is vulnerable to Cross Site Scripting (XSS)

Software Metform Elementor Contact Form Builder Type Plugin Vulnerable versions = 3.8.3 Fixed in 3.8.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1585 Patch priority Low CVSS severity Low 6.5 Developer Wpmet PSID 30fa19a63f6b Credits Bassem Essa...

Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation (CVE-2019-1585)

A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers...