CVE-2026-1740

A vulnerability was found in EFM ipTIME A8004T 14.18.2. This impacts the function httpconchecksessionurl of the file /cgi/timepro.cgi of the component Hidden Hiddenloginsetup Interface. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has...

CVE-2026-1740

CVE-2026-1740 affects EFM ipTIME A8004T 14.18.2; the flaw is in httpcon_check_session_url inside /cgi/timepro.cgi in the Hidden login/setup interface, enabling remote improper authentication. Exploits are public per the sources; vendor did not respond to disclosure. Mitigation noted in PT-2026-55...

CVE-2026-1740 EFM ipTIME A8004T Hidden Hiddenloginsetup timepro.cgi httpcon_check_session_url improper authentication

A vulnerability was found in EFM ipTIME A8004T 14.18.2. This impacts the function httpconchecksessionurl of the file /cgi/timepro.cgi of the component Hidden Hiddenloginsetup Interface. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has...

EUVD-2026-1740

The Curved Text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'radius' parameter of the arctext shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2025-1740 Authentication Bypass in Akinsoft's MyRezzta

Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass, Password Recovery Exploitation, Brute Force.This issue affects MyRezzta: from s2.03.01 before v2.05.01...

CVE-2021-1740

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local user may be able to modify protected parts of the file system...

CVE-2022-1740

creationtimestamp| type| source ---|---|--- 2025-04-17 18:58:07+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12324...

Linux Distros Unpatched Vulnerability : CVE-2020-1740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes ansible-vault edit, another user on the same...

CVE-2024-1740

In lunary-ai/lunary version 1.0.1, a vulnerability exists where a user removed from an organization can still read, create, modify, and delete logs by re-using an old authorization token. The lunary web application communicates with the server using an 'Authorization' token in the browser, which...

CVE-2024-1740

creationtimestamp| type| source ---|---|--- 2024-04-12 05:35:31+00:00| seen| https://t.me/arpsyndicate/4528...

CVE-2024-1740 Incorrect Authorization in lunary-ai/lunary

In lunary-ai/lunary version 1.0.1, a vulnerability exists where a user removed from an organization can still read, create, modify, and delete logs by re-using an old authorization token. The lunary web application communicates with the server using an 'Authorization' token in the browser, which...

Amazon Linux AMI : libwebp (ALAS-2023-1740)

The version of libwebp installed on the remote host is prior to 0.3.0-10.8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1740 advisory. A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign...

CVE-2023-1740

creationtimestamp| type| source ---|---|--- 2023-03-31 00:34:51+00:00| seen| https://t.me/cibsecurity/61212...

CVE-2023-1740

CVE-2023-1740 affects SourceCodester Air Cargo Management System 1.0, where the GET Parameter Handler in admin/user/manage_user.php is vulnerable to SQL injection via the id argument. Exploitation is remote and the vulnerability has been disclosed publicly. Multiple connected sources corroborate ...

Security Bulletin: Vulnerabilities in Network Security Services (NSS) and Netscape Portable Runtime (NSPR) affect IBM SAN Volume Controller and Storwize Family (CVE-2013-1740, CVE-2014-1490, CVE-2014-1491, CVE-2014-1492, CVE-2014-1544, CVE-2014-1545)

Summary Security Bulletin: Vulnerabilities in Network Security Services NSS and Netscape Portable Runtime NSPR affect IBM SAN Volume Controller and Storwize Family CVE-2013-1740, CVE-2014-1490, CVE-2014-1491, CVE-2014-1492, CVE-2014-1544, CVE-2014-1545 Vulnerability Details Security Bulletin ---...

Security Bulletin: Six (6) Vulnerabilities in Network Security Services (NSS) & Netscape Portable Runtime (NSPR) affect IBM FlashSystem 840 and V840 (CVE-2013-1740, CVE-2014-1490, CVE-2014-1491, CVE-2014-1492, CVE-2014-1544, CVE-2014-1545)

Summary NSS & NSPR vulnerabilities affect the IBM FlashSystem 840 and V840 products. These vulnerabilities could allow a remote attacker to execute arbitrary code, on the system, to obtain sensitive information, or cause Denial of Service. Vulnerability Details 1. CVE-ID : CVE-2013-1740...

SUSE CVE-2006-1740

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site...

Security Bulletin: Vulnerabilities in Network Security Services (NSS) and Netscape Portable Runtime (NSPR) affect IBM SAN Volume Controller and Storwize Family (CVE-2013-1740, CVE-2014-1490, CVE-2014-1491, CVE-2014-1492, CVE-2014-1544, CVE-2014-1545)

Summary Vulnerabilities in Network Security Services NSS and Netscape Portable Runtime NSPR could allow a remote attacker to obtain sensitive information or cause a denial of service. Vulnerability Details CVE-ID : CVE-2013-1740 DESCRIPTION : Mozilla Network Security Services could allow a remote...

CVE-2022-1740

The CVE-2022-1740 vulnerability in Dominion Voting Systems ImageCast X concerns the on-screen hash display, audit log export, and application export features that rely on self-attestation. The root cause is mutable attestation/measurement data, allowing an attacker with access to disguise malicio...

CVE-2021-1740

creationtimestamp| type| source ---|---|--- 2021-11-24 07:24:13+00:00| published-proof-of-concept| https://t.me/androidMalware/1310...