AlmaLinux 10 : nodejs24 (ALSA-2026:1842)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1842 advisory. nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service CVE-2025-594...

CVE-2014-1842

creationtimestamp| type| source ---|---|--- 2025-10-07 21:02:36+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m2mzldmezb27...

CVE-2020-1842

Huawei HEGE-560 version 1.0.1.20SP2; OSCA-550 and OSCA-550A version 1.0.0.71SP1; and OSCA-550AX and OSCA-550X version 1.0.0.71SP2 have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successf...

CVE-2025-1842

creationtimestamp| type| source ---|---|--- 2025-03-03 01:29:15+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6129 2025-03-03 02:58:50+00:00| seen| https://t.me/cvedetector/19285 2025-03-03 14:37:03+00:00| seen|...

CVE-2025-1842

A vulnerability classified as problematic was found in FITSTATS Technologies AthleteMonitoring up to 20250302. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit...

CVE-2025-1842 FITSTATS Technologies AthleteMonitoring login.php cross site scripting

A vulnerability classified as problematic was found in FITSTATS Technologies AthleteMonitoring up to 20250302. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit...

CVE-2025-1842 FITSTATS Technologies AthleteMonitoring login.php cross site scripting

A vulnerability classified as problematic was found in FITSTATS Technologies AthleteMonitoring up to 20250302. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit...

SUSE SLES15 Security Update : gdk-pixbuf (SUSE-SU-2024:1842-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1842-1 advisory. - CVE-2022-48622: Fixed files rejection with multiple anih chunks bsc1219276. Tenable has extracted the preceding description block directly...

CVE-2024-1842

The wpbakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom Heading tag attribute in all versions up to, and including, 7.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or...

CVE-2023-44372 TALOS-2023-1842 - Adobe Acrobat Reader U3D page event use-after-free vulnerability

Adobe Acrobat Reader versions 23.006.20360 and earlier and 20.005.30524 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...

CVE-2023-44372 TALOS-2023-1842 - Adobe Acrobat Reader U3D page event use-after-free vulnerability

Adobe Acrobat Reader versions 23.006.20360 and earlier and 20.005.30524 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...

Rocky Linux 8 : raptor2 (RLSA-2021:1842)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1842 advisory. - raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML...

Oracle Linux 7 : ELSA-2017-1842-1: / kernel (ELSA-2017-18421)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-18421 advisory. - The doumount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAPSYSADMIN capability for doremountsb calls that chan...

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

Amazon Linux 2 : microcode_ctl (ALAS-2022-1842)

The version of microcodectl installed on the remote host is prior to 2.1-47. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1842 advisory. 2024-02-15: CVE-2022-0005 was added to this advisory. Sensitive information accessible by physical probing of JTAG...

CVE-2022-1842 OpenBook Book Data <= 3.5.2 - Arbitrary Settings Update to Stored XSS via CSRF

The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well...

CVE-2022-1842

CVE-2022-1842 affects the WordPress OpenBook Book Data plugin (versions

Oracle Linux 8 : exiv2 (ELSA-2022-1842)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1842 advisory. 0.27.5-2 - Remove RPATH Resolves: bz2018422 0.27.5-1 - Exiv2 0.27.5 Resolves: bz2018422 Fix stack exhaustion issue in the printIFDStructure function leading to...

CentOS 8 : exiv2 (CESA-2022:1842)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:1842 advisory. - exiv2: stack exhaustion issue in the printIFDStructure function may lead to DoS CVE-2020-18898 Note that Nessus has not tested for this issue but has instead...

AlmaLinux 8 : raptor2 (ALSA-2021:1842)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1842 advisory. - raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML...