MiracleLinux 4 : libXfont-1.4.5-5.AXS4 (AXSA:2015-460:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2015-460:01 advisory. The libXfont package provides the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. Security issues fixe...

EUVD-2026-1804

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.28.25. This is due to insufficient validation of user-supplied role values in the 'validatevalue', 'preupdatevalue', and 'getfieldsdisplay' functions. This makes it...

Linux Distros Unpatched Vulnerability : CVE-2011-1804

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696.71, does not properly render floats, which allows remote...

CVE-2020-1804

Huawei Honor V10 smartphones with versions earlier than 10.0.0.156C00E156R2P4 has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information...

SUSE CVE-2022-1804

accountsservice no longer drops permissions when writting .pamenvironment...

CVE-2022-1804

accountsservice no longer drops permissions when writting .pamenvironment...

CVE-2022-1804 Accountsservice incorrectly drops privileges

accountsservice no longer drops permissions when writting .pamenvironment...

CVE-2022-1804 Accountsservice incorrectly drops privileges

accountsservice no longer drops permissions when writting .pamenvironment...

CVE-2025-1804

creationtimestamp| type| source ---|---|--- 2025-03-01 19:30:03+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6081 2025-03-01 20:30:18+00:00| seen| Telegram/QSI9pBdiZD4XB6B8xYWhYwTgbTHFrmdODd5OBVySn3LuZEM 2025-03-01 22:32:48+00:00| seen| https://t.me/cvedetector/19243 2025-03-02...

CVE-2025-1804

A vulnerability was found in Blizzard Battle.Net up to 2.39.0.15212 on Windows and classified as critical. Affected by this issue is some unknown functionality in the library profapi.dll. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity...

CVE-2025-1804 Blizzard Battle.Net profapi.dll uncontrolled search path

A vulnerability was found in Blizzard Battle.Net up to 2.39.0.15212 on Windows and classified as critical. Affected by this issue is some unknown functionality in the library profapi.dll. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity...

CVE-2025-1804 Blizzard Battle.Net profapi.dll uncontrolled search path

A vulnerability was found in Blizzard Battle.Net up to 2.39.0.15212 on Windows and classified as critical. Affected by this issue is some unknown functionality in the library profapi.dll. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity...

CVE-2024-1804

creationtimestamp| type| source ---|---|--- 2024-07-27 04:55:04+00:00| seen| https://t.me/cvedetector/1745...

RHEL 8 : unbound (RHSA-2024:1804)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1804 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: bind9: KeyTrap - Extreme CPU...

MAL-2024-336 Malicious code in wlwz-2312-1804 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 58f724394a3db79c9566ba805306f4fcde65aebb314a8b5478cf3bf440637886 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-1804

The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...

CVE-2023-1804 Product Catalog Feed by PixelYourSite < 2.1.1 - Reflected XSS

The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...

CVE-2023-1804 Product Catalog Feed by PixelYourSite < 2.1.1 - Reflected XSS

The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...

CVE-2023-1804

The CVE-2023-1804 entry concerns the WordPress plugin Product Catalog Feed by PixelYourSite, affected in versions prior to 2.1.1. The underlying issue is that the edit parameter is not sanitised or escaped when output back into an attribute, resulting in a Reflected XSS vulnerability. The impact ...

USN-5998-1 apache-log4j1.2 vulnerabilities

It was discovered that the SocketServer component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. CVE-2019-17571 It was discovered that the JMSSink component of Apache Log4j 1....