98 matches found
CVE-2026-1772
| creationtimestamp | type | source |
|---|---|---|
| 2026-03-03 11:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-26-062-03... |
Linux Distros Unpatched Vulnerability : CVE-2020-1772
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Tokens, generated by users which alread...
Linux Distros Unpatched Vulnerability : CVE-2010-1772
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to...
CVE-2024-1772
The Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.6.4 via deserialization of untrusted input from the play_podcast_data post meta. This makes it possible for authenticated...
CVE-2024-20104
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772...
Security Bulletin: Common Vulnerabilities in Cloudera Data Platform Private Cloud Base 7.1.9.
Summary Common vulnerabilities reported in Cloudera Data Platform Private Cloud Base 7.1.9 have been addressed, and are available in Hotfix 2. Vulnerability Details CVEID:CVE-2015-1772 DESCRIPTION: Apache Hive could allow a remote attacker to bypass security restrictions, caused by an error in th...
CVE-2024-1772
| creationtimestamp | type | source |
|---|---|---|
| 2024-03-13 17:36:59+00:00 | seen | https://t.me/ctinow/206934... |
CVE-2024-1772
The Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.6.4 via deserialization of untrusted input from the play_podcast_data post meta. This makes it possible for authenticated...
CVE-2024-1772
The CVE-2024-1772 entry concerns the Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio WordPress plugin (versions up to and including 3.6.4). It describes a PHP Object Injection via deserialization of untrusted input from the play_podcast_data post meta, exploitable by authentic...
WordPress Play.ht Plugin <= 3.6.4 is vulnerable to PHP Object Injection
Software: Play.ht; Type: Plugin; Vulnerable versions: <= 3.6.4; Fixed in: N/A; OWASP Top 10: A1: Injection; Classification: PHP Object Injection; CVE: CVE-2024-1772; Patch priority: Medium; CVSS severity: Medium 8.5; PSID: 571b81755147; Credits: Francesco Carlucci; Required privilege: Contribut...
Amazon Linux AMI : mod24_security (ALAS-2023-1772)
The version of mod24_security installed on the remote host is prior to 2.8.0-5.28. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1772 advisory. In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web...
SUSE: Security Advisory (SUSE-SU-2023:1772-1)
The remote host is missing an update for the...
CVE-2023-1772
| creationtimestamp | type | source |
|---|---|---|
| 2023-03-31 16:22:15+00:00 | seen | https://t.me/cibsecurity/61245... |
SUSE CVE-2010-1772
Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site, related to failure to stop timers associate...
Security Bulletin: IBM Call Center and Apache Struts Struts upgrade strategy (various CVEs, see below)
Summary Apache Struts is used by IBM Call Center as part of its web application framework used for creating Java EE web applications. It is vulnerable to various CVEs, listed below. We recommend upgrading to the latest supported version of Struts that was released as part of the latest FixPack 12...
CVE-2022-1772
| creationtimestamp | type | source |
|---|---|---|
| 2022-06-13 16:16:54+00:00 | seen | https://t.me/cibsecurity/44266... |
CVE-2022-1772
CVE-2022-1772 affects the WordPress Google Places Reviews plugin before 2.0.0. It is a stored cross-site scripting (XSS) vulnerability caused by not properly escaping the Google API key setting, which is exposed in the admin panel. In multisite WordPress deployments, a malicious administrator cou...
CVE-2022-1772 Google Places Review < 2.0.0 - Admin+ Stored Cross Site Scripting
The Google Places Reviews WordPress plugin before 2.0.0 does not properly escape its Google API key setting, which is reflected on the site's administration panel. A malicious administrator could abuse this bug, in a multisite WordPress configuration, to trick super-administrators into viewing th...
Amazon Linux 2 : zlib (ALAS-2022-1772)
The version of zlib installed on the remote host is prior to 1.2.7-19. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1772 advisory. An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating (ex: when compressing) if the input has...
SUSE: Security Advisory (SUSE-SU-2013:0759-2)
The remote host is missing an update for the...