
98 matches found

Vulnrichment
added 2026/02/18 7:25 a.m., 1 view

CVE-2026-1831 YayMail <= 4.3.2 - Missing Authorization to Authenticated (Shop Manager+) Plugin Installation and Activation

The YayMail - WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized plugin installation and activation due to missing capability checks on the 'yaymailinstallyaysmtp' AJAX action and /yaymail/v1/addons/activate REST endpoint in all versions up to, and including, 4.3.2...

CVSS 2.7 | AI score 5.5 | EPSS 0.00013 | Exploits 0 | References 5

Tenable Nessus
added 2026/02/10 12:0 a.m., 3 views

AlmaLinux 10 : qemu-kvm (ALSA-2026:1831)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:1831 advisory. qemu-kvm: VNC WebSocket handshake use-after-free (CVE-2025-11234). Tenable has extracted the preceding description block directly from the AlmaLinux security advisor...

CVSS 7.5 | AI score 5.6 | EPSS 0.00145 | Exploits 0 | References 3

OSV
added 2026/02/06 10:8 a.m., 3 views

RHSA-2026:1831 Red Hat Security Advisory: qemu-kvm security update

Bulletin has no description...

CVSS 7.5 | AI score 4.9 | EPSS 0.00145 | Exploits 0 | References 7

Tenable Nessus
added 2026/02/06 12:0 a.m., 2 views

RockyLinux 10 : qemu-kvm (RLSA-2026:1831)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1831 advisory. qemu-kvm: VNC WebSocket handshake use-after-free (CVE-2025-11234). Tenable has extracted the preceding description block directly from the RockyLinux security...

CVSS 7.5 | AI score 5.5 | EPSS 0.00145 | Exploits 0 | References 3

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2018-0670

Malware in sbrugna...

CVSS 2.1 | AI score 8.9 | EPSS 0.00067 | Exploits 0 | References 12

RedhatCVE
added 2025/05/23 5:4 a.m., 7 views

CVE-2023-1831

Mattermost fails to redact from audit logs the user password during user creation and the user password hash in other operations if the experimental audit logging configuration was enabled ExperimentalAuditSettings section in config...

CVSS 7.5 | AI score 6.9 | EPSS 0.0016 | Exploits 0 | References 1

RedhatCVE
added 2025/05/22 6:15 p.m., 4 views

CVE-2021-1831

The issue was addressed with improved permissions logic. This issue is fixed in iOS 14.5 and iPadOS 14.5. An application may allow shortcuts to access restricted files...

CVSS 5.5 | AI score 5.8 | EPSS 0.0018 | Exploits 0 | References 1

RedhatCVE
added 2025/05/22 4:27 p.m., 5 views

CVE-2020-1831

HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195SP31C00E74R3P8 have an improper authorization vulnerability. The digital balance function does not sufficiently restrict the using time of certain user, successful exploit could allow the user break the limit of digital balance...

CVSS 2.4 | AI score 6.9 | EPSS 0.00024 | Exploits 0

RedhatCVE
added 2025/05/22 4:8 a.m., 5 views

CVE-2012-1831

Heap-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555...

CVSS 10 | AI score 8.4 | EPSS 0.18523 | Exploits 0 | References 1

OSV
added 2025/03/02 8:15 p.m., 0 views

CVE-2025-1831

A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is the function GetDBUser of the file src/main/java/com/futvan/z/system/zorg/ZorgAction.java. The manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The...

CVSS 9.8 | AI score 6.4 | Exploits 0 | References 4

NVD
added 2025/03/02 8:15 p.m., 10 views

CVE-2025-1831

A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is the function GetDBUser of the file src/main/java/com/futvan/z/system/zorg/ZorgAction.java. The manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The...

CVSS 9.8 | EPSS 0.0006 | Exploits 1 | References 4

Vulnrichment
added 2025/03/02 8:0 p.m., 10 views

CVE-2025-1831 zj1983 zz ZorgAction.java GetDBUser sql injection

A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is the function GetDBUser of the file src/main/java/com/futvan/z/system/zorg/ZorgAction.java. The manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The...

CVSS 6.5 | AI score 6.8 | EPSS 0.0006 | Exploits 1 | References 4

Tenable Nessus
added 2024/04/23 12:0 a.m., 51 views

Oracle Linux 6 : kernel (ELSA-2024-1831)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1831 advisory. - net/sched: sch_qfq: account for stab overhead in qfq_enqueue CVE-2023-3611 Orabug: 36517546 - net/sched: cls_fw: Fix improper refcount update leads to...

CVSS 7.8 | AI score 6.8 | EPSS 0.00042 | Exploits 1 | References 5

Circl
added 2024/02/23 8:26 p.m., 6 views

CVE-2024-1831

creationtimestamp | type | source
---|---|---
2024-02-23 20:26:11+00:00 | seen | https://t.me/ctinow/192131
2024-02-23 20:26:14+00:00 | seen | https://t.me/ctinow/192134
2024-03-13 22:41:04+00:00 | seen | https://t.me/ctinow/207254
2025-03-12 07:45:08+00:00 | seen | ...

CVSS 9.8 | AI score 7.3 | EPSS 0.00084 | Exploits 1 | References 4

OSV
added 2024/02/23 7:15 p.m., 0 views

CVE-2024-1831

A vulnerability, which was classified as critical, was found in SourceCodester Complete File Management System 1.0. Affected is an unknown function of the file users/index.php of the component Login Form. The manipulation of the argument username with the input torada%27+or+%271%27+%3D+%271%27+--...

CVSS 9.8 | AI score 5.7 | Exploits 0 | References 3

CVE
added 2024/02/23 7:0 p.m., 86 views

CVE-2024-1831

CVE-2024-1831 affects SourceCodester Complete File Management System 1.0, with the login form in users/index.php vulnerable to SQL injection via the username parameter (example payload torada%27+or+%271%27+%3D+%271%27+--+-). The vulnerability can be exploited remotely and has been publicly disclo...

CVSS 9.8 | AI score 7.5 | EPSS 0.00084 | Exploits 1 | References 3 | Affected Software 1

NVD
added 2023/04/17 3:15 p.m., 11 views

CVE-2023-1831

Mattermost fails to redact from audit logs the user password during user creation and the user password hash in other operations if the experimental audit logging configuration was enabled ExperimentalAuditSettings section in config...

CVSS 7.5 | AI score 7.2 | EPSS 0.0016 | Exploits 0 | References 1

CVE
added 2023/04/17 2:21 p.m., 100 views

CVE-2023-1831

CVE-2023-1831 affects Mattermost Server. When the experimental audit logging (ExperimentalAuditSettings) is enabled, audit logs fail to redact the user password during account creation and the user password hash in other operations, exposing sensitive credentials in logs. The vulnerability is des...

CVSS 7.5 | AI score 7.2 | EPSS 0.0016 | Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2023/04/17 2:21 p.m., 12 views

CVE-2023-1831 User password logged in audit logs

Mattermost fails to redact from audit logs the user password during user creation and the user password hash in other operations if the experimental audit logging configuration was enabled ExperimentalAuditSettings section in config...

CVSS 7.2 | AI score 7.8 | EPSS 0.0016 | Exploits 0 | References 1

Vulnrichment
added 2023/04/17 2:21 p.m., 10 views

CVE-2023-1831 User password logged in audit logs

Mattermost fails to redact from audit logs the user password during user creation and the user password hash in other operations if the experimental audit logging configuration was enabled ExperimentalAuditSettings section in config...

CVSS 7.2 | AI score 6.9 | EPSS 0.0016 | Exploits 0 | References 1