CVE-2026-1609

creationtimestamp| type| source ---|---|--- 2026-02-12 14:10:15+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3meo6a3ooor2o...

EUVD-2014-8391

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2015-1609

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request. CVE-2015-1609 No...

CVE-2024-1609

In OPPOStore iOS App, there's a possible escalation of privilege due to improper input validation...

CVE-2022-1609

The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site...

CVE-2013-1609

Multiple unquoted Windows search path vulnerabilities in the 1 File Collector and 2 File PlaceHolder services in Symantec Enterprise Vault EV for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program...

CVE-2025-1609 LB-LINK AC1900 Router set_cmd websGetVar os command injection

A vulnerability has been found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by this vulnerability is the function websGetVar of the file /goform/setcmd. The manipulation of the argument cmd leads to os command injection. The attack can be launched remotely. The exploit has...

CVE-2025-1609 LB-LINK AC1900 Router set_cmd websGetVar os command injection

A vulnerability has been found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by this vulnerability is the function websGetVar of the file /goform/setcmd. The manipulation of the argument cmd leads to os command injection. The attack can be launched remotely. The exploit has...

CVE-2024-1609 OPPO Store APP has a WebView component privilege escalation vulnerability.

In OPPOStore iOS App, there's a possible escalation of privilege due to improper input validation...

CVE-2022-1609

The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site...

CVE-2022-1609

The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site...

CVE-2022-1609 The School Management < 9.9.7 - Unauthenticated RCE via REST api

The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site...

CVE-2022-1609

CVE-2022-1609 affects The School Management WordPress plugin prior to version 9.9.7. The obfuscated backdoor is injected in the license checking code and registers a REST API handler, enabling an unauthenticated attacker to execute arbitrary PHP code on the site (RCE). Impact is the ability to ru...

SUSE CVE-2024-0209

IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file...

Rocky Linux 8 : p11-kit (RLSA-2021:1609)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1609 advisory. - An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit...

Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1609)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker coul...

CVE-2023-1609

A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. It has been rated as problematic. This issue affects the function save of the file /api/admin/store/product/save. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to...

CVE-2023-1609

CVE-2023-1609 affects Zhong Bang CRMEB Java up to 1.3.4. The issue resides in the /api/admin/store/product/save function, enabling cross-site scripting via the save endpoint with remote attack capability. Public disclosures exist (VDB-223739). A practical workaround from PT-2023-17115 suggests te...

Weblizar School Management Pro plugin backdoor

Added: 08/12/2022 CVE: CVE-2022-1609 Background Weblizar School Management is a WordPress plugin for management of school operations. Problem The license checking code in School Management Pro contains a backdoor which allows remote attackers to execute arbitrary commands. Resolution Upgrade to t...

Weblizar School Management Pro plugin backdoor

Added: 08/12/2022 CVE: CVE-2022-1609 Background Weblizar School Management is a WordPress plugin for management of school operations. Problem The license checking code in School Management Pro contains a backdoor which allows remote attackers to execute arbitrary commands. Resolution Upgrade to t...