Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2026-1639)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-1639 Taskbuilder <= 5.0.2 - Authenticated (Subscriber+) SQL Injection via 'order' and 'sort_by' Parameters

The Taskbuilder – WordPress Project Management & Task Management plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'order' and 'sortby' parameters in all versions up to, and including, 5.0.2 due to insufficient escaping on the user supplied parameter and lack of...

CVE-2009-1639

Stack-based buffer overflow in Nucleus Data Recovery Kernel Recovery for Novell 4.03 allows user-assisted attackers to execute arbitrary code via a crafted .NKNT file...

Exploit for Missing Authorization in Crowdytheme Arolax

🔓 Exploit Script for CVE-2025-1639 📝 Description The Anim...

CVE-2025-1639

creationtimestamp| type| source ---|---|--- 2025-03-04 05:01:11+00:00| published-proof-of-concept| Telegram/vguQSoDtfnSSMMh6g3qPKY0JcDG6idXQojUpnqu8LsOOPP8 2025-03-04 05:48:44+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114102588102913759 2025-03-04 07:04:09+00:00| seen|...

CVE-2025-1639 Animation Addons for Elementor Pro <= 1.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation

The Animation Addons for Elementor Pro plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the installelementorpluginhandler function in all versions up to, and including, 1.6. This makes it possible for authenticated attackers, wi...

CVE-2025-1639 Animation Addons for Elementor Pro <= 1.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation

The Animation Addons for Elementor Pro plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the installelementorpluginhandler function in all versions up to, and including, 1.6. This makes it possible for authenticated attackers, wi...

WordPress License Manager for WooCommerce Plugin <= 3.0.6 is vulnerable to Sensitive Data Exposure

Software License Manager for WooCommerce Type Plugin Vulnerable versions = 3.0.6 Fixed in 3.0.7 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-1639 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0b1e43ddb6ac Credits Lucio Sá...

openSUSE: Security Advisory for opera (openSUSE-SU-2022:0156-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP4) (SUSE-SU-2023:1639-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1639-1 advisory. - A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRVCTLIOCTLELEMREAD|WRITE32 is missing locks that can be...

CVE-2023-1639

creationtimestamp| type| source ---|---|--- 2023-03-27 00:50:52+00:00| seen| https://t.me/cibsecurity/60760...

CVE-2023-1639 IObit Malware Fighter IOCTL ImfRegistryFilter.sys 0x8001E04C denial of service

A vulnerability classified as problematic has been found in IObit Malware Fighter 9.4.0.776. This affects the function 0x8001E04C in the library ImfRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host...

CVE-2023-1639

The CVE-2023-1639 issue affects IObit Malware Fighter 9.4.0.776, specifically the ImfRegistryFilter.sys IOCTL Handler function 0x8001E04C. The vulnerability results in denial of service when exploited locally. Multiple connected sources confirm the affected component and local attack vector, with...

Amazon Linux AMI : vim (ALAS-2022-1639)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1639 advisory. A flaw was found in vim, which is vulnerable to an out-of-bounds read in the msgouttransspecial function. This flaw allows a specially crafted file to crash software or execute code when opened in...

CVE-2022-1639

Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-1639

The CVE-2022-1639 issue is confirmed in ANGLE within Google Chrome before 101.0.4951.64, caused by a use-after-free that can lead to heap corruption via a crafted HTML page. Affected software is Chrome (ANGLE/Chromium stack) with remote, user-page interaction required for exploitation, and the im...

CVE-2022-1639

Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-1639

Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Fedora: Security Advisory for chromium (FEDORA-2022-bcb096166f)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

KLA12555 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in ANGLE can be exploited to cause denial of service or execute arbitrar...