128 matches found
RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2020:2218)
The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2218 advisory. - containers/image: Container images read entire image manifest into memory CVE-2020-1702 Note that Nessus has not tested for this issue but...
CVE-2026-1702
A vulnerability was detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/operation/user.php of the component User Management. Performing a manipulation of the argument groupid results in improper authorization. The attack can be...
MiracleLinux 7 : podman-1.6.4-16.el7 (AXSA:2020-058:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-058:01 advisory. podman: resolving symlink in host filesystem leads to unexpected results of copy operation CVE-2019-18466 containers/image: Container images read...
MiracleLinux 7 : skopeo-0.1.40-11.0.1.el7.AXS7 (AXSA:2020-198:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-198:02 advisory. containers/image: Container images read entire image manifest into memory CVE-2020-1702 Tenable has extracted the preceding description block directly from th...
EUVD-2026-1702
The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 GA contain hardcoded credentials for an operating system user account within an initialization script. The SSH service is network-accessible without IP-based restrictions. Although the configuration disables SCP and pseudo-TTY...
CVE-2025-1702
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'search' parameter in all versions up to, and including, 2.10.0 due to insufficient escaping on the user suppli...
Linux Distros Unpatched Vulnerability : CVE-2020-1702
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using...
CentOS 7 : podman (RHSA-2020:1227)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1227 advisory. - An issue was discovered in Podman in libpod before 1.6.0. It resolves a symlink in the host context during a copy operation from the container to the...
CentOS 7 : skopeo (RHSA-2020:2681)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2681 advisory. - A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using...
RHEL 8 : 1.0_podman (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - containers/image: Container images read entire image manifest into memory CVE-2020-1702 Note that Nessus has not...
CVE-2024-1702
creationtimestamp | type | source
---|---|---
2024-02-21 18:31:18+00:00 | seen | https://t.me/ctinow/189893
2024-02-21 18:36:10+00:00 | seen | https://t.me/ctinow/189907
2024-02-22 19:18:39+00:00 | seen | https://t.me/arpsyndicate/4011
2024-03-13 08:36:35+00:00 | seen | https://t.me/ctinow/206459...
CVE-2024-1702
CVE-2024-1702 concerns a SQL injection in keerti1924 PHP-MYSQL-User-Login-System 1.0, affecting the /edit.php functionality. The issue is described as exploitable remotely and was publicly disclosed; multiple connected sources corroborate the core details (remote access, SQL injection, /edit.php)...
Malicious code in wlwz-2312-1702 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 921c48bc0256d191ef596f8241ffc86ec9742b3fd78ac197f08a6d7d12cf4a4b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Oracle Linux 8 : rsyslog (ELSA-2020-1702)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1702 advisory. 8.1911.0-3 RHEL 8.2.0 ERRATUM - added patch reverting rejecting expired certs by default resolves: rhbz1782353 - added patch silencing false errors on...
Oracle Linux 8 : container-tools:ol8 (ELSA-2020-1650)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1650 advisory. - A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux...
CVE-2023-1702
creationtimestamp | type | source
---|---|---
2023-03-29 20:31:03+00:00 | seen | https://t.me/cibsecurity/61033...
CVE-2023-1702
CVE-2023-1702 is a Cross-site Scripting (XSS) vulnerability in pimcore/pimcore prior to 10.5.20. Multiple advisories (Red Hat, Veracode, OSV, GHSA) describe a generic XSS flaw affecting Pimcore and warn it could enable cookie theft or session hijacking if exploited. The issue relates to how asset...
CVE-2023-1702 Cross-site Scripting (XSS) - Generic in pimcore/pimcore
Cross-site Scripting XSS - Generic in GitHub repository pimcore/pimcore prior to 10.5.20...