CVE-2026-1791

CVE-2026-1791 concerns Hillstone Networks products: Operation and Maintenance Security Gateway on Linux with vulnerable versions V5.5ST00001B113 and Hillstone Networks Security Gateway V5.5. The flaw is an unrestricted file upload of a dangerous file type, enabling an attacker to upload a web she...

CVE-2026-1791 Arbitrary File Upload Vulnerability in Operation and Maintenance Security Gateway

Unrestricted Upload of File with Dangerous Type vulnerability in Hillstone Networks Operation and Maintenance Security Gateway on Linux allows Upload a Web Shell to a Web Server.This issue affects Operation and Maintenance Security Gateway: V5.5ST00001B113...

CVE-2026-1791 Arbitrary File Upload Vulnerability in Operation and Maintenance Security Gateway

Unrestricted Upload of File with Dangerous Type vulnerability in Hillstone Networks Operation and Maintenance Security Gateway on Linux allows Upload a Web Shell to a Web Server.This issue affects Operation and Maintenance Security Gateway: V5.5ST00001B113...

MiracleLinux 4 : openssl-1.0.1e-30.AXS4.11 (AXSA:2015-155:05)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-155:05 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

EUVD-2026-1791

The BIALTY - Bulk Image Alt Text Alt tag, Alt Attribute with Yoast SEO + WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bialtycsalt' post meta in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes...

CVE-2022-1791

The One Click Plugin Updater WordPress plugin through 2.4.14 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable / hide the badge of the available updates and the related check...

CVE-2020-1791

HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185C00E74R3P8 have an improper authorization vulnerability. The system has a logic judging error under certain scenario, successful exploit could allow the attacker to switch to third desktop after a series of operation in ADB mode...

RHSA-2019:1791

creationtimestamp| type| source ---|---|--- 2025-04-23 20:04:44+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13135 2025-04-23 20:04:48+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13136 2025-04-23 20:04:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13137...

CVE-2025-1791

creationtimestamp| type| source ---|---|--- 2025-03-01 16:27:02+00:00| seen| https://t.me/cvedetector/19236 2025-03-02 11:46:59+00:00| seen| Telegram/oifamibZCtGvQEwXqYVNsQN1G7y5Hq6xT0OimiyGYpwN5et 2025-08-19 18:29:28+00:00| seen| MISP/1e8d1b5a-3537-4a30-907d-acb1720bbd18...

CVE-2025-1791 Zorlan SkyCaiji Tool.php fileAction unrestricted upload

A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. This vulnerability affects the function fileAction of the file vendor/skycaiji/app/admin/controller/Tool.php. The manipulation of the argument savedata leads to unrestricted upload. The attack can be initiated...

CVE-2021-1791

creationtimestamp| type| source ---|---|--- 2024-10-09 19:21:22+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2628 2025-05-24 06:42:30+00:00| seen| https://gist.github.com/h0medev2024/3c86fc0e9234786e66c18835b9c71fd9 2026-02-17 04:19:42+00:00| seen|...

CVE-2024-1791

creationtimestamp| type| source ---|---|--- 2024-03-14 22:26:24+00:00| seen| https://t.me/ctinow/208220...

CVE-2024-1791

The CodeMirror Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Code Mirror block in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level acce...

CVE-2024-1791

CVE-2024-1791 concerns the CodeMirror Blocks plugin for WordPress. According to Red Hat and Wordfence sources, versions up to and including 1.2.4 are affected due to insufficient input sanitization and output escaping in the Code Mirror block, enabling a stored cross-site scripting (XSS) conditio...

WordPress CodeMirror Blocks Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS)

Software CodeMirror Blocks Type Plugin Vulnerable versions = 1.2.4 Fixed in 2.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1791 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8f146af67463 Credits RandomRoot Required...

Amazon Linux AMI : ImageMagick (ALAS-2023-1791)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1.27. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1791 advisory. A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel function in quantum- private.h. This issue ma...

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of...

CentOS 7 : firefox (RHSA-2023:1791)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1791 advisory. - Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affec...

CentOS: Security Advisory for firefox (CESA-2023:1791)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 7 : firefox (ELSA-2023-1791)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-1791 advisory. 102.10.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add...