CVE-2026-1738

A flaw has been found in Open5GS up to 2.7.6. The impacted element is the function sgwctunneladd of the file /src/sgwc/context.c of the component SGWC. Executing a manipulation of the argument pdr can lead to reachable assertion. The attack can be executed remotely. The exploit has been published...

CVE-2026-1738 Open5GS SGWC context.c sgwc_tunnel_add assertion

A flaw has been found in Open5GS up to 2.7.6. The impacted element is the function sgwctunneladd of the file /src/sgwc/context.c of the component SGWC. Executing a manipulation of the argument pdr can lead to reachable assertion. The attack can be executed remotely. The exploit has been published...

MiracleLinux 3 : kernel-2.6.18-371.4.AXS3 (AXSA:2014-487:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-487:02 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

EUVD-2026-1738

The Client Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'afttestimonialmetaname' custom field in the Client Information metabox in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user-supplied...

CVE-2025-1738

A Password Transmitted over Query String vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity, exposing this sensitive information to a third party...

Linux Distros Unpatched Vulnerability : CVE-2020-1738

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a...

CVE-2021-1738

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution...

Linux Distros Unpatched Vulnerability : CVE-2014-1738

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The rawcmdcopyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing ...

CVE-2025-1738 Multiple vulnerabilities in Trivision Camera NC227WF

A Password Transmitted over Query String vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity, exposing this sensitive information to a third party...

CVE-2025-1738

The CVE-2025-1738 entry concerns Trivision NC227WF cameras with firmware v5.8.0, where a Password Transmitted over Query String vulnerability exposes credentials to a third party. The root cause is credentials being sent in the URL/query string, enabling potential disclosure. The vulnerability ha...

CVE-2025-1738 Multiple vulnerabilities in Trivision Camera NC227WF

A Password Transmitted over Query String vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity, exposing this sensitive information to a third party...

Oracle Linux 9 : libpq (ELSA-2025-1738)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1738 advisory. 13.20-1 - Update to 13.20 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not teste...

AlmaLinux 9 : libpq (ALSA-2025:1738)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:1738 advisory. postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 Tenable has extracted the preceding...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1738)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-1738

An incorrect authorization vulnerability exists in the lunary-ai/lunary repository, specifically within the evaluations.get route in the evaluations API endpoint. This vulnerability allows unauthorized users to retrieve the results of any organization's evaluation by simply knowing the evaluation...

CVE-2024-1738 Incorrect Authorization in lunary-ai/lunary

An incorrect authorization vulnerability exists in the lunary-ai/lunary repository, specifically within the evaluations.get route in the evaluations API endpoint. This vulnerability allows unauthorized users to retrieve the results of any organization's evaluation by simply knowing the evaluation...

CVE-2024-1738 Incorrect Authorization in lunary-ai/lunary

An incorrect authorization vulnerability exists in the lunary-ai/lunary repository, specifically within the evaluations.get route in the evaluations API endpoint. This vulnerability allows unauthorized users to retrieve the results of any organization's evaluation by simply knowing the evaluation...

EulerOS Virtualization 3.0.2.0 : pcre2 (EulerOS-SA-2023-1738)

According to the versions of the pcre2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the...

Amazon Linux AMI : tomcat7 (ALAS-2023-1738)

The version of tomcat7 installed on the remote host is prior to 7.0.109-1.42. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1738 advisory. 2023-05-11: CVE-2017-12616 was added to this advisory. When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0....

CVE-2023-1738

A vulnerability has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0 and classified as critical. This vulnerability affects unknown code of the file index.php?q=product. The manipulation of the argument search leads to sql injection. The attack can be initiated remotely...