153 matches found
MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.141-2.b16.AXS4 (AXSA:2017-1746:05)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1746:05 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2017-10053 RESERVED This candidate has been reserved by an organizatio...
EUVD-2026-1746
The firmware in KAON CG3000TC and CG3000T routers contains hard-coded credentials in clear text shared across all routers of this model that an unauthenticated remote attacker could use to execute commands with root privileges. This vulnerability has been fixed in firmware version: 1.00.67 for...
CVE-2021-1746
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2025-1746
Cross-Site Scripting vulnerability in OpenCart versions prior to 4.1.0. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the search in the /product/search endpoint. This vulnerability could be exploited to steal...
CVE-2025-1746 Cross-Site Scripting vulnerability in OpenCart
Cross-Site Scripting vulnerability in OpenCart versions prior to 4.1.0. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the search in the /product/search endpoint. This vulnerability could be exploited to steal...
CVE-2024-1746
The Testimonial Slider WordPress plugin before 2.3.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...
CVE-2024-1746 Testimonial Slider < 2.3.8 - Admin+ Stored XSS
The Testimonial Slider WordPress plugin before 2.3.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...
CVE-2024-1746
CVE-2024-1746 affects the WordPress plugin Testimonial Slider (versions prior to 2.3.8). The vulnerability stems from insufficient sanitization/escaping of certain plugin settings, allowing Stored XSS by high-privilege users (e.g., administrators) even when the unfiltered_html capability is disal...
WordPress Testimonial Slider Plugin < 2.3.8 is vulnerable to Cross Site Scripting (XSS)
Software: Testimonial Slider; Type: Plugin; Vulnerable versions: 2.3.8; Fixed in: 2.3.8; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-1746; Patch priority: Low; CVSS severity: Low (5.9); Developer: Claim ownership; PSID: e974538b892e; Credits: Dmitrii Ignatyev; Requir...
RHEL 7 : kernel (RHSA-2024:1746)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1746 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in l2capconnect...
Rocky Linux 8 : go-toolset:rhel8 (RLSA-2021:1746)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1746 advisory. - In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb duri...
Amazon Linux AMI : tigervnc (ALAS-2023-1746)
The version of tigervnc installed on the remote host is prior to 1.8.0-21.35. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1746 advisory. A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited...
CVE-2023-1746
creationtimestamp | type | source
---|---|---
2023-03-31 02:21:38+00:00 | seen | https://t.me/cibsecurity/61220...
CVE-2023-1746
A vulnerability, which was classified as problematic, was found in Dreamer CMS up to 3.5.0. Affected is an unknown function of the component File Upload Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-224634 is the identifier assigned to...
CVE-2023-1746
CVE-2023-1746 affects Dreamer CMS up to version 3.5.0, involving the File Upload Handler. The issue enables cross-site scripting via an unknown function in that component and can be triggered remotely. Multiple connected sources consistently describe it as a cross-site scripting vulnerability wit...
CVE-2022-1746 2.2.8 INCORRECT PRIVILEGE ASSIGNMENT CWE-266
The authentication mechanism used by poll workers to administer voting using the tested version of Dominion Voting Systems ImageCast X can expose cryptographic secrets used to protect election information. An attacker could leverage this vulnerability to gain access to sensitive information and...
Huawei EulerOS: Security Advisory for mariadb (EulerOS-SA-2022-1746)
The remote host is missing an update for the Huawei EulerOS...
SUSE: Security Advisory (SUSE-SU-2022:1746-1)
The remote host is missing an update for the...