184 matches found
CVE-2025-20065
Uncontrolled search path for some Display Virtualization for Windows OS software before version 1797 within Ring 2: Device Drivers may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of...
Display Virtualization for Windows OS Advisory
Summary: A potential security vulnerability in some Display Virtualization for Windows OS software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-20065 Description: Uncontrolled search path fo...
Linux Distros Unpatched Vulnerability : CVE-2011-1797
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application...
CVE-2022-1797
A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownloa...
CVE-2021-1797
The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to read arbitrary files...
Linux Distros Unpatched Vulnerability : CVE-2013-1797
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service host OS memory corruptio...
CVE-2025-1797
creationtimestamp | type | source
---|---|---
2025-03-01 15:29:56+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/6077
2025-03-01 18:07:12+00:00 | seen | https://t.me/cvedetector/19239
2025-03-02 11:46:59+00:00 | seen | Telegram/UHGJP1qDIjCaUbAzbWTpYjuQ-bhwzczrPVBsQL4gHvETDeE...
CVE-2025-1797
A vulnerability, which was classified as critical, has been found in Hunan Zhonghe Baiyi Information Technology Baiyiyun Asset Management and Operations System up to 20250217. Affected by this issue is some unknown functionality of the file /wuser/anyUserBoundHouse.php. The manipulation of the...
CVE-2025-1797 Hunan Zhonghe Baiyi Information Technology Baiyiyun Asset Management and Operations System anyUserBoundHouse.php sql injection
A vulnerability, which was classified as critical, has been found in Hunan Zhonghe Baiyi Information Technology Baiyiyun Asset Management and Operations System up to 20250217. Affected by this issue is some unknown functionality of the file /wuser/anyUserBoundHouse.php. The manipulation of the...
CVE-2024-1797
The WP ULike – Most Advanced WordPress Marketing Toolkit plugin for WordPress is vulnerable to SQL Injection via the 'status' and 'id' attributes of the 'wp_ulike_counter' and 'wp_ulike' shortcodes in all versions up to, and including, 4.6.9 due to insufficient escaping on the user supplied paramete...
CVE-2024-1797
CVE-2024-1797 concerns the WP ULike plugin for WordPress. The initial description states a SQL Injection via the status and id attributes of the wp_ulike_counter and wp_ulike shortcodes, affecting all versions up to 4.6.9, with authenticated attackers (contributor+ level) able to inject extra SQL...
Oracle Linux 8 : binutils (ELSA-2020-1797)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1797 advisory. 2.30-73.0.1 - Forward-port of Oracle patches from 2.30-68.0.2. - Reviewed-by: Elena Zannoni 2.30-68.0.2 - Backport the non-cycle-detecting-capable...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2018-1797)
Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the...
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2023-1797)
The remote host is missing an update for the Huawei EulerOS...
CVE-2023-1797
Summary: OTCMS 6.0.1 contains a critical vulnerability in the sysCheckFile.php?mudi=sql functionality that allows unrestricted file uploads. The root cause is an absence of upload restrictions in that function, enabling a remote attacker to upload arbitrary files and potentially execute code. The...
1797.com.cn Cross Site Scripting vulnerability OBB-3205498
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-1797
creationtimestamp | type | source
---|---|---
2022-06-02 18:36:01+00:00 | seen | https://t.me/cibsecurity/43700...
CVE-2022-1797 Rockwell Automation Logix Controllers Uncontrolled Resource Consumption
A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownloa...