109 matches found
EUVD-2019-7808
Malware in sbrugna...
CVE-2021-1743
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code...
CVE-2019-17406
Nokia IMPACT 18A has path traversal that may lead to RCE if chained with CVE-2019-1743...
CVE-2022-1743

creationtimestamp | type | source
---|---|---
2025-04-17 18:58:05+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/12322...

CVE-2025-1743

creationtimestamp | type | source
---|---|---
2025-02-27 20:56:15+00:00 | seen | https://t.me/cvedetector/19070
2025-05-15 07:39:46+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-1743.yaml
2025-05-15 21:02:29+00:00 | seen |...

CVE-2025-1743
A vulnerability, which was classified as critical, was found in zyx0814 Pichome 2.1.0. This affects an unknown part of the file /index.php?mod=textviewer. The manipulation of the argument src leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed t...
CVE-2025-1743 zyx0814 Pichome index.php path traversal
A vulnerability, which was classified as critical, was found in zyx0814 Pichome 2.1.0. This affects an unknown part of the file /index.php?mod=textviewer. The manipulation of the argument src leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed t...
CVE-2025-1743
The CVE-2025-1743 entry affects zyx0814 Pichome 2.1.0, specifically the /index.php?mod=textviewer endpoint where manipulating the src parameter enables path traversal. The Nuclei template for Pichome 2.1.0 documents an arbitrary file read via this path traversal, with remote exploit capability an...
RockyLinux 9 : postgresql:16 (RLSA-2025:1743)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:1743 advisory. postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 Tenable has extracted the preceding...
CVE-2024-20105
In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09062027; Issue ID: MSV-1743...
EulerOS 2.0 SP12 : libuv (EulerOS-SA-2024-1743)
According to the versions of the libuv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c and its windows...
RHEL 7 : qemu-kvm-rhev (RHSA-2019:1743)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1743 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the...
CVE-2024-1743
The WooCommerce Customers Manager WordPress plugin before 29.8 does not sanitise and escape various parameters before outputting them back in pages and attributes, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-1743 WooCommerce Customers Manager < 29.8 - Reflected XSS
The WooCommerce Customers Manager WordPress plugin before 29.8 does not sanitise and escape various parameters before outputting them back in pages and attributes, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress WooCommerce Customers Manager Plugin < 29.8 is vulnerable to Cross Site Scripting (XSS)
Software: WooCommerce Customers Manager
Type: Plugin
Vulnerable versions: 29.8
Fixed in: 29.8
OWASP Top 10: A7: Cross-Site Scripting XSS
Classification: Cross Site Scripting XSS
CVE: CVE-2024-1743
Patch priority: Medium
CVSS severity: Medium 7.1
Developer: Claim ownership
PSID: 088073d3e0c4
Credits: Erwan LR...
Oracle Linux 8 : nodejs:14 (ELSA-2023-1743)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1743 advisory. nodejs 1:14.21.3-1 - Rebase to 14.21.3 Resolves: rhbz2153712 Resolves: CVE-2022-25881 CVE-2023-23918 CVE-2023-23920 CVE-2022-38900 Resolves:...
CentOS 8 : nodejs:14 (CESA-2023:1743)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:1743 advisory. - The glob-parent package before 6.0.1 for Node.js allows ReDoS regular expression denial of service attacks against the enclosure regular expression...
CVE-2023-1743

creationtimestamp | type | source
---|---|---
2023-03-31 02:21:39+00:00 | seen | https://t.me/cibsecurity/61221...