112 matches found
CVE-2026-1812
A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...
EUVD-2026-1812
Not used...
EUVD-2009-5075
Malware in sbrugna...
EUVD-2015-1935
Malware in sbrugna...
CVE-2025-8597
MacVim's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. via a malicious application) to attach a debugger, read or modify the process memory, inject code in the application's context despite...
CVE-2009-5120
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404...
CVE-2025-1812
creationtimestamp| type| source
---|---|---
2025-03-02 09:29:19+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6090
2025-03-02 11:47:01+00:00| seen| Telegram/bJC7J5-9UmMHhjstwNBM-CojJtb8XDni8r1PMhTg4S49tAD
2025-03-02 12:24:16+00:00| seen|...
CVE-2025-1812
A vulnerability classified as critical has been found in zj1983 zz up to 2024-08. Affected is the function GetUserOrg of the file com/futvan/z/framework/core/SuperZ.java. The manipulation of the argument userId leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-1812
CVE-2025-1812 affects the GetUserOrg function in SuperZ.java (path: com/futvan/z/framework/core/SuperZ.java). The issue is SQL injection caused by manipulation of the userId argument, enabling remote exploitation. Several sources confirm remote exploitability and public disclosure; vendor respons...
CVE-2025-1812 zj1983 zz SuperZ.java GetUserOrg sql injection
A vulnerability classified as critical has been found in zj1983 zz up to 2024-08. Affected is the function GetUserOrg of the file com/futvan/z/framework/core/SuperZ.java. The manipulation of the argument userId leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2024-1812
creationtimestamp| type| source
---|---|---
2024-04-11 07:01:18+00:00| seen| https://t.me/arpsyndicate/4462...
WordPress Everest Forms Plugin <= 2.0.7 is vulnerable to Server Side Request Forgery (SSRF)
Software: Everest Forms; Type: Plugin; Vulnerable versions: <= 2.0.7; Fixed in: 2.0.8; OWASP Top 10: A1: Injection; Classification: Server Side Request Forgery (SSRF); CVE: CVE-2024-1812; Patch priority: Medium; CVSS severity: Medium (7.2); PSID: 113a534a2c9d; Credits: hir0ot; Required privilege...
openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0092-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : php55-pecl-imagick (ALAS-2023-1812)
The version of php55-pecl-imagick installed on the remote host is prior to 3.4.4-2.15. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1812 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds....
Cisco NX-OS CLI Command Software Image Signature Verification (CVE-2019-1812)
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2023:0092-1 Rating: important References: 1210126 1210478 Cross-References: CVE-2023-1810 CVE-2023-1811 CVE-2023-1812 CVE-2023-1813 CVE-2023-1814 CVE-2023-1815 CVE-2023-1816 CVE-2023-1817 CVE-2023-1818 CVE-2023-18...
Ubuntu: Security Advisory (USN-6021-1)
The remote host is missing an update for the...
Debian DSA-5386-1 : chromium - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5386 advisory. - Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploi...
Debian: Security Advisory (DSA-5386-1)
The remote host is missing an update for the Debian...