CVE-2026-1741

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...

CVE-2026-1741

The following sources document CVE-2026-1741 affecting EFM ipTIME A8004T 14.18.2. The vulnerability concerns the Debug Interface component, specifically the httpcon_check_session_url function in /sess-bin/d.cgi. The described flaw allows manipulation of the cmd argument to trigger a backdoor, wit...

MiracleLinux 3 : nspr-4.10.2-2.AXS3, nss-3.15.3-4.AXS3 (AXSA:2014-237:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-237:01 advisory. nss: Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server...

MiracleLinux 4 : nspr-4.10.2-1.AXS4, nss-3.15.3-6.0.1.AXS4, nss-util-3.15.3-1.AXS4 (AXSA:2014-054:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-054:01 advisory. nss: Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server...

EUVD-2026-1741

The MG AdvancedOptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2025-1741

A vulnerability classified as problematic was found in b1gMail up to 7.4.1-pl1. Affected by this vulnerability is an unknown functionality of the file src/admin/users.php of the component Admin Page. The manipulation of the argument query/q leads to deserialization. The attack can be launched...

CVE-2021-1741

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code...

CVE-2025-1741 b1gMail Admin Page users.php deserialization

A vulnerability classified as problematic was found in b1gMail up to 7.4.1-pl1. Affected by this vulnerability is an unknown functionality of the file src/admin/users.php of the component Admin Page. The manipulation of the argument query/q leads to deserialization. The attack can be launched...

CVE-2025-1741

CVE-2025-1741 affects b1gMail up to version 7.4.1-pl1 in the Admin Page component (src/admin/users.php). The vulnerability arises from deserialization when manipulating the query/q parameter, allowing remote exploitation. A fix is available: upgrade to 7.4.1-pl2 (patch identifier 4816c8b748f6a5b9...

RHEL 9 : postgresql:15 (RHSA-2025:1741)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1741 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing...

CVE-2024-1741

lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members to read, create, modify, and delete prompt templates using an old authorization token. Despite being removed from an organization, these members can still perform operations on prompt templates by...

CVE-2024-1741

creationtimestamp| type| source ---|---|--- 2024-04-12 08:50:54+00:00| seen| https://t.me/arpsyndicate/4569...

CVE-2024-1741

lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members to read, create, modify, and delete prompt templates using an old authorization token. Despite being removed from an organization, these members can still perform operations on prompt templates by...

Oracle Linux 6 : php-pear (ELSA-2011-1741)

The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2011-1741 advisory. 1.9.4-4 - fix patch application for 747361 1.9.4-3 - ignore REST cache creation failures as non-root user 747361 1.9.4-2 - fix XML-Util provides 1.9.4-1 - updat...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Network Manager IP Edition (CVE-2017-1741).

Summary IBM WebSphere Application Server is shipped with IBM Tivoli Network Manager IP Edition versions 3.9 and 4.1.1; IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager IP Edition version 4.2. Information about a security vulnerability affecting IBM WebSphere...

Amazon Linux AMI : openldap (ALAS-2023-1741)

The version of openldap installed on the remote host is prior to 2.4.40-16.36. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1741 advisory. An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and...

CVE-2023-1741

creationtimestamp| type| source ---|---|--- 2023-03-31 02:21:40+00:00| seen| https://t.me/cibsecurity/61222...

CVE-2023-1741 jeecg-boot Sleep Command SysDictMapper.java sql injection

A vulnerability was found in jeecg-boot 3.5.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file SysDictMapper.java of the component Sleep Command Handler. The manipulation leads to sql injection. The attack can be launched remotely. The...

Debian: Security Advisory (DLA-23-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-1741

creationtimestamp| type| source ---|---|--- 2022-06-24 18:31:10+00:00| seen| https://t.me/cibsecurity/45090 2025-04-17 18:58:04+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12321...