108 matches found
CVE-2005-1653
Cross-site scripting (XSS) vulnerability in message.htm for Woppoware PostMaster 4.2.2 build 3.2.5 allows remote attackers to inject arbitrary web script or HTML via the email parameter...
EUVD-2026-1653
Malicious code in chai-min npm...
CVE-2025-1653
The Directory Listings WordPress plugin – uListing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.2.0. This is due to the stm_listing_profile_edit AJAX action not having enough restriction on the user meta that can be updated. This makes it possibl...
CVE-2025-1653 Directory Listings WordPress plugin – uListing <= 2.2.0 - Authenticated (Subscriber+) Privilege Escalation
The Directory Listings WordPress plugin – uListing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.2.0. This is due to the stm_listing_profile_edit AJAX action not having enough restriction on the user meta that can be updated. This makes it possibl...
CVE-2025-1653
CVE-2025-1653 affects Directory Listings WordPress plugin – uListing; all versions up to and including 2.1.7 are vulnerable to Privilege Escalation via the stm_listing_profile_edit AJAX action. An authenticated user with Subscriber-level access and above can elevate privileges to Administrator. T...
Moderate: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
CVE-2024-1653
creationtimestamp | type | source
---|---|---
2024-02-27 12:31:57+00:00 | seen | https://t.me/ctinow/194306
2024-02-27 12:32:11+00:00 | seen | https://t.me/ctinow/194317
2024-03-14 12:56:13+00:00 | seen | https://t.me/ctinow/207679
...
CVE-2024-1653
The CVE-2024-1653 vulnerability affects the Categorify WordPress plugin and hinges on a missing authorization check in categorifyAjaxUpdateFolderPosition. It affects all versions up to 1.0.7.4, enabling an authenticated attacker with subscriber-level access or higher to modify folder positions an...
K40663742: OpenSSH vulnerability CVE-2004-1653
Security Advisory Description: The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS. (CVE-2004-1653) Impact: There is no impact; F5 products are not...
Amazon Linux AMI : git (ALAS-2022-1653)
The version of git installed on the remote host is prior to 2.38.1-1.77. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1653 advisory. Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5,...
CVE-2022-1653 Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRF
The Social Share Buttons by Supsystic WordPress plugin before 2.2.4 does not perform CSRF checks in its AJAX endpoints and admin pages, allowing an attacker to trick any logged-in user to manipulate or change the plugin settings, as well as create, delete and rename projects and networks...
CVE-2022-1653
The CVE-2022-1653 entry refers to the WordPress plugin Social Share Buttons by Supsystic (versions prior to 2.2.4). The concrete details in connected sources confirm a CSRF flaw where the plugin does not perform CSRF checks on AJAX endpoints and admin pages, enabling an attacker to trick a logged...
Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Summary: Actions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication. • Use antivirus software. • Develop internal contact lists and...
SUSE: Security Advisory (SUSE-SU-2013:0618-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Top 12 Security Flaws Russian Spy Hackers Are Exploiting in the Wild
Cyber operatives affiliated with the Russian Foreign Intelligence Service (SVR) have switched up their tactics in response to previous public disclosures of their attack methods, according to a new advisory jointly published by intelligence agencies from the U.K. and U.S. Friday. "SVR cyber operato...
CentOS 8 : zziplib (CESA-2020:1653)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:1653 advisory. - zziplib: directory traversal in unzzipcat in the bins/unzzipcat-mem.c (CVE-2018-17828) Note that Nessus has not tested for this issue but has instead relied onl...
CVE-2021-1653
Windows CSC Service Elevation of Privilege Vulnerability...
CVE-2021-1653
CVE-2021-1653 details are not publicly provided in the provided documents. No affected products, root cause, or remediation are specified here. Monitor for updates.
KB4598229: Windows 10 Version 1909 January 2021 Security Update
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1685. (CVE-2021-1642) - Windows DNS Query Information Disclosure Vulnerability...