SUSE SLED15 / SLES15 Security Update : Mesa (SUSE-SU-2026:1835-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1835-1 advisory. This update for Mesa fixes the following issue: - CVE-2026-40393: out-of-bounds memory access can occur in WebGPU becau...

MAL-2026-1835 Malicious code in react-fast-utilsa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95853c89c144cd1630b70c6d2c5e97e8b3cafd6d8ff628b357c80d6a7f8407b5 The package react-fast-utilsa was found to contain malicious code...

CVE-2026-1835 lcg0124 BootDo cross-site request forgery

A vulnerability was identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. This affects an unknown part. The manipulation leads to cross-site request forgery. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. This product...

EUVD-2021-1835

Malware in sbrugna...

CVE-2024-20146

In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue I...

Linux Distros Unpatched Vulnerability : CVE-2016-1835

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remot...

CVE-2025-1835

creationtimestamp| type| source ---|---|--- 2025-03-02 23:29:36+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6115 2025-03-03 01:18:16+00:00| seen| https://t.me/cvedetector/19272 2025-03-03 02:34:10+00:00| seen|...

CVE-2025-1835

A vulnerability has been found in osuuu LightPicture 1.2.2 and classified as critical. This vulnerability affects the function upload of the file /app/controller/Api.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been...

CVE-2025-1835 osuuu LightPicture Api.php upload unrestricted upload

A vulnerability has been found in osuuu LightPicture 1.2.2 and classified as critical. This vulnerability affects the function upload of the file /app/controller/Api.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been...

CVE-2025-1835 osuuu LightPicture Api.php upload unrestricted upload

A vulnerability has been found in osuuu LightPicture 1.2.2 and classified as critical. This vulnerability affects the function upload of the file /app/controller/Api.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been...

CVE-2025-1835

CVE-2025-1835 affects osuuu LightPicture 1.2.2. The vulnerability is in the upload function of /app/controller/Api.php, where manipulation of the file argument allows unrestricted remote file upload. Multiple sources (including Red Hat, NVD, CVE listings, CIRCL) document this issue and describe i...

RHEL 5 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Use after free via namespace node in XPointer ranges CVE-2016-4658 - libxml2: Missing validation...

RHEL 9 : shim (RHSA-2024:1835)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1835 advisory. The shim package contains a first stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...

Amazon Linux AMI : ghostscript (ALAS-2023-1835)

The version of ghostscript installed on the remote host is prior to 8.70-24.30. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1835 advisory. Buffer Overflow vulnerability in cljmediasize function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attacke...

CVE-2023-1835

The CVE-2023-1835 entry concerns the Ninja Forms Contact Form WordPress plugin prior to 3.6.22. The connected documents provide concrete details: the vulnerability is a Reflected Cross-Site Scripting caused by insufficient input sanitization and output escaping, exposed via the page parameter and...

CVE-2023-1835 Ninja Forms < 3.6.22 - Reflected XSS

The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

SUSE CVE-2007-1835

PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path session.savepath, uses the TMPDIR default after checking the restrictions, which allows local users to bypass openbasedir restrictions...

Amazon Linux 2 : java-1.7.0-openjdk (ALAS-2022-1835)

The version of java-1.7.0-openjdk installed on the remote host is prior to 1.7.0.321-2.6.28.2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1835 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...

CVE-2022-1835

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

CVE-2022-1835

...