142 matches found
CVE-2023-1671
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code...
CVE-2012-1671
Directory traversal vulnerability in index.php in phpPaleo 4.8b155 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter...
CVE-2010-1671
hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via shell metacharacters in command-line arguments, as demonstrated by the second argument in a down action...
Linux Distros Unpatched Vulnerability : CVE-2022-1671
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system ...
Linux Distros Unpatched Vulnerability : CVE-2024-1671
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Site Isolation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted...
CVE-2025-1671 Academist Membership <= 1.1.6 - Authentication Bypass via Account Takeover
The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.6. This is due to the academist_membership_check_facebook_user function not properly verifying a user's identity prior to authenticating them. This makes it possible for...
RHEL 9 : mysql (RHSA-2025:1671)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:1671 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...
openSUSE Security Advisory (openSUSE-SU-2024:0084-1)
The remote host is missing an update for the...
Fedora: Security Advisory for chromium (FEDORA-2024-6a879cfa63)
The remote host is missing an update for the...
Chromium: CVE-2024-1671 Inappropriate implementation in Site Isolation
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
[SECURITY] [DSA 5629-1] chromium security update
Debian Security Advisory DSA-5629-1 https://www.debian.org/security/ Andres Salomon February 23, 2024 https://www.debian.org/security/faq -...
Debian dsa-5629 : chromium - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5629 advisory. Debian Security Advisory DSA-5629-1...
CVE-2024-1671
Inappropriate implementation in Site Isolation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-1671
CVE-2024-1671 applies to Google Chrome, stemming from an improper Site Isolation implementation that allowed a remote attacker to bypass the Content Security Policy via a crafted HTML page. The vulnerability is described as affecting Chrome versions prior to 122.0.6261.57. Public advisories indi...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 122 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 122.0.6261.57 (Linux and Mac), 122.0.6261.57/.58 (Windows) contains a number of fixes and improvements -- a list of changes is...
KLA64091 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Content...
Sophos Web Appliance UsrBlocked.php command injection
Added: 11/24/2023 CVE: CVE-2023-1671 Background Sophos Web Appliance is a web proxy providing HTTP security. Problem A vulnerability in UsrBlocked.php allows remote attackers to inject arbitrary commands into an HTTP request. Resolution Upgrade to Sophos Web Appliance 4.3.10.4 or higher. Referenc...