MAL-2026-1805 Malicious code in notification-settings-layout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77ec9a9823eefe0c031995eea2a7f2fc660ebf4843a6aaf365c042a8dbab2cb7 The package notification-settings-layout was found to contain malicious code...

CVE-2026-1805 DA Media GigList <= 1.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'list_title' Shortcode Attribute

The DA Media GigList plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's damediagiglist shortcode in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2026-1805

creationtimestamp| type| source ---|---|--- 2026-03-07 07:16:10+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-1805 2026-03-07 09:49:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mghkf2fd4r2x...

EUVD-2016-0790

Malware in sbrugna...

EUVD-2020-12630

Malware in sbrugna...

CVE-2022-1805

When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM Man in the Middle between a zero client and AWS session provisioner in the network. This issue is only...

CVE-2021-1805

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitrary code with kernel privileges...

CVE-2020-1805

Huawei Honor V10 smartphones with versions earlier than 10.0.0.156C00E156R2P4 has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information...

CVE-2011-1805

Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2025-1805

Crypt::Salt for Perl version 0.01 uses insecure rand function when generating salts for cryptographic purposes...

CVE-2025-1805

creationtimestamp| type| source ---|---|--- 2025-04-02 16:39:32+00:00| seen| https://t.me/cvedetector/21873...

CVE-2025-1805 Crypt::Salt for Perl uses insecure rand() function when generating salts for cryptographic purposes

Crypt::Salt for Perl version 0.01 uses insecure rand function when generating salts for cryptographic purposes...

CVE-2025-1805 Crypt::Salt for Perl uses insecure rand() function when generating salts for cryptographic purposes

Crypt::Salt for Perl version 0.01 uses insecure rand function when generating salts for cryptographic purposes...

CVE-2025-1805

CVE-2025-1805 affects Crypt::Salt for Perl 0.01, where an insecure rand() is used to generate cryptographic salts. The issue’s impact is described as partial in the assessment (base CVSS 5.3, MEDIUM). Exploitation details are not provided in the sources. Remediation is not specified; several entr...

Linux Distros Unpatched Vulnerability : CVE-2015-1805

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatom...

FreePBX 安全漏洞

FreePBX formerly known as Asterisk Management Portal is a suite of tools from the FreePBX project for configuring Asterisk an IP telephony system via a GUI web-based graphical interface. A security vulnerability exists in FreePBX versions 1805 through 2203 that stems from the use of hard-coded...

CVE-2023-26566

CVE-2023-26566 affects Sangoma FreePBX 1805–2203 on Linux, with hardcoded Asterisk REST Interface (ARI) credentials. This enables remote attackers to reconfigure Asterisk and place calls via ARI endpoints over HTTP and WebSocket. The connected sources note the issue and provide remediation guidan...

PT-2024-12105 · Sangoma · Sangoma Freepbx

Name of the Vulnerable Software and Affected Versions: Sangoma FreePBX versions 1805 through 2203 Description: The issue concerns hardcoded credentials for the Asterisk REST Interface ARI in Sangoma FreePBX, allowing remote attackers to reconfigure Asterisk and make external and internal calls vi...

CVE-2024-1805

The wpbakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all versions up to, and including, 7.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or...

CVE-2024-1805 WPBakery Visual Composer <= 7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button onclick attribute

The wpbakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all versions up to, and including, 7.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or...