124 matches found
openSUSE Security Advisory (SUSE-SU-2026:0811-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2026:0833-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2026:0811-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2026:0796-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2026:0788-1)
The remote host is missing an update for the...
libsoup-3_0-0-3.6.6-2.1 on GA media (moderate)
libsoup-3_0-0-3.6.6-2.1 on GA media. Announcement ID: openSUSE-SU-2026:10276-1; Rating: moderate; Cross-References: CVE-2026-1467, CVE-2026-1539, CVE-2026-1760; CVSS scores: CVE-2026-1467 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N; CVE-2026-1467 (SUSE): 5.3...
AZL-77618 CVE-2026-1760 affecting package libsoup 3.0.4-12
A flaw was found in SoupServer. This HTTP request smuggling vulnerability occurs because SoupServer improperly handles requests that combine Transfer-Encoding: chunked and Connection: keep-alive headers. A remote, unauthenticated client can exploit this by sending specially crafted requests,...
DEBIAN-CVE-2026-1760
A flaw was found in SoupServer. This HTTP request smuggling vulnerability occurs because SoupServer improperly handles requests that combine Transfer-Encoding: chunked and Connection: keep-alive headers. A remote, unauthenticated client can exploit this by sending specially crafted requests,...
EUVD-2026-1760
The Header and Footer Scripts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the inpostheadscript parameter in all versions up to, and including, 2.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2021-1760
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application could execute arbitrary code leading to...
Linux Distros Unpatched Vulnerability : CVE-2011-1760
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e...
SQL injection vulnerability in multiple SMA Solar products
SMA Solar Sunny Central SC 1760-US and others are solar inverters from SMA Solar, Germany. A SQL injection vulnerability exists in various SMA Solar products. An attacker could exploit the vulnerability to gain read and write access to device-specific log files. The following products are...
SUSE SLES15 Security Update : kernel (Live Patch 12 for SLE 15 SP5) (SUSE-SU-2024:1760-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1760-1 advisory. This update for the Linux Kernel 5.14.21-1505005559 fixes several issues. The following security issues were fixed: - CVE-2024-26610: Fixed...
CVE-2024-1760
creationtimestamp | type | source
---|---|---
2024-03-06 07:26:44+00:00 | seen | https://t.me/ctinow/201061
2024-03-06 07:31:10+00:00 | seen | https://t.me/ctinow/201065
...
CVE-2024-1760 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.6.20 - Cross-Site Request Forgery to Plugin Data Reset
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.6.20. This is due to missing or incorrect nonce validation on the ssafactoryreset function. This makes it...
CVE-2024-1760
Summary of CVE-2024-1760 (WordPress plugin: Appointment Booking Calendar — Simply Schedule Appointments) This vulnerability is a Cross-Site Request Forgery (CSRF) in the Simply Schedule Appointments plugin for WordPress. The root cause is missing or incorrect nonce validation in the ssa_factory_r...
WordPress Simply Schedule Appointments Plugin <= 1.6.6.20 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Simply Schedule Appointments; Type: Plugin; Vulnerable versions: <= 1.6.6.20; Fixed in: 1.6.6.24; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-1760; Patch priority: Low; CVSS severity: Low (4.3); PSID: 41bce45152e6; Credits...
CVE-2022-1760
creationtimestamp | type | source
---|---|---
2024-01-23 23:16:19+00:00 | seen | https://t.me/ctinow/172378
2024-02-06 15:17:08+00:00 | seen | https://t.me/ctinow/180038
...
CVE-2022-1760
Core Control WordPress plugin up to version 1.2.1 is affected by a CSRF vulnerability that allows a logged-in admin to arbitrarily update settings. The root cause is missing CSRF checks during settings updates. Impact is limited to modification of settings by an attacker using a CSRF attack; no e...
CVE-2022-1760 Core Control <= 1.2.1 - Arbitrary Settings Update via CSRF
The Core Control WordPress plugin through 1.2.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...