97 matches found

ATTACKERKB
added 2026/02/03 8:31 p.m. | 1 view

CVE-2026-1846

5.3 AI score
Exploits 0 | References 1
Tenable Nessus
added 2026/01/20 12:0 a.m. | 2 views

MiracleLinux 7 : qt5-qtimageformats-5.9.7-2.el7 (AXSA:2021-1846:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1846:01 advisory. libwebp: heap-based buffer overflow in PutLE16 CVE-2018-25011 libwebp: use of uninitialized value in ReadSymbol CVE-2018-25014 libwebp: heap-based...

9.8 CVSS | 8.3 AI score | 0.00527 EPSS
Exploits 0 | References 5
RedhatCVE
added 2026/01/07 9:16 a.m. | 11 views

CVE-2025-1846

A vulnerability was found in zj1983 zz up to 2024-8. It has been declared as problematic. This vulnerability affects the function deleteLocalFile of the file src/main/java/com/futvan/z/system/zfile/ZfileAction.java of the component File Handler. The manipulation of the argument zids leads to deni...

6.5 CVSS | 6.7 AI score | 0.00155 EPSS
Exploits 1 | References 1
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2016-2956

Malware in sbrugna...

9.3 CVSS | 8.2 AI score | 0.03022 EPSS
Exploits 1 | References 6
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-1846

Malicious code in bioql PyPI...

8.2 CVSS | 7.7 AI score | 0.00096 EPSS
Exploits 1 | References 4
RedhatCVE
added 2025/05/22 9:14 p.m. | 5 views

CVE-2021-1846

Processing a maliciously crafted audio file may disclose restricted memory. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An out-of-bounds read was addressed with improved input validation...

5.5 CVSS | 5.7 AI score | 0.00296 EPSS
Exploits 0 | References 1
NVD
added 2025/03/03 3:15 a.m. | 4 views

CVE-2025-1846

A vulnerability was found in zj1983 zz up to 2024-8. It has been declared as problematic. This vulnerability affects the function deleteLocalFile of the file src/main/java/com/futvan/z/system/zfile/ZfileAction.java of the component File Handler. The manipulation of the argument zids leads to deni...

6.5 CVSS | 0.00155 EPSS
Exploits 1 | References 4
Cvelist
added 2025/03/03 2:31 a.m. | 11 views

CVE-2025-1846 zj1983 zz File ZfileAction.java deleteLocalFile denial of service

A vulnerability was found in zj1983 zz up to 2024-8. It has been declared as problematic. This vulnerability affects the function deleteLocalFile of the file src/main/java/com/futvan/z/system/zfile/ZfileAction.java of the component File Handler. The manipulation of the argument zids leads to deni...

5.5 CVSS | 0.00155 EPSS
Exploits 1 | References 4
Vulnrichment
added 2025/03/03 2:31 a.m. | 6 views

CVE-2025-1846 zj1983 zz File ZfileAction.java deleteLocalFile denial of service

A vulnerability was found in zj1983 zz up to 2024-8. It has been declared as problematic. This vulnerability affects the function deleteLocalFile of the file src/main/java/com/futvan/z/system/zfile/ZfileAction.java of the component File Handler. The manipulation of the argument zids leads to deni...

5.5 CVSS | 5.5 AI score | 0.00155 EPSS
Exploits 1 | References 4
CVE
added 2025/03/03 2:31 a.m. | 55 views

CVE-2025-1846

CVE-2025-1846 affects the zj1983 zz project (up to 2024-8). The flaw is in the File Handler: ZfileAction.java, function deleteLocalFile, where manipulation of the zids argument can cause a remote denial of service. The attack is remotely initiable and exploits have been disclosed publicly; the ve...

6.5 CVSS | 5.5 AI score | 0.00155 EPSS
Exploits 1 | References 4 | Affected Software 1
Tenable Nessus
added 2024/04/17 12:0 a.m. | 42 views

RHEL 9 : pcs (RHSA-2024:1846)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1846 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial ...

7.5 CVSS | 6.7 AI score | 0.00775 EPSS
Exploits 2 | References 9
OSV
added 2024/04/15 5:15 a.m. | 2 views

CVE-2024-1846

The Responsive Tabs WordPress plugin before 4.0.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4 CVSS | 7.3 AI score | 0.00444 EPSS
Exploits 2 | References 1
NVD
added 2024/04/15 5:15 a.m. | 18 views

CVE-2024-1846

The Responsive Tabs WordPress plugin before 4.0.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4 CVSS | 5.5 AI score | 0.00444 EPSS
Exploits 2 | References 1
Cvelist
added 2024/04/15 5:0 a.m. | 16 views

CVE-2024-1846 Responsive Tabs < 4.0.7 - Contributor+ Stored XSS

The Responsive Tabs WordPress plugin before 4.0.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.7 AI score | 0.00444 EPSS
Exploits 2 | References 1
Patchstack
added 2024/04/15 12:0 a.m. | 8 views

WordPress Responsive Tabs Plugin < 4.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Tabs Type Plugin Vulnerable versions 4.0.7 Fixed in 4.0.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1846 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d1565ae17f3e Credits Dmitrii Ignatyev Required...

5.7 AI score | 0.00444 EPSS
Exploits 2 | References 4 | Affected Software 1
Tenable Nessus
added 2023/11/06 12:0 a.m. | 47 views

Rocky Linux 8 : idm:DL1 and idm:client (RLSA-2021:1846)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1846 advisory. - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one...

6.9 CVSS | 6.9 AI score | 0.34098 EPSS
Exploits 6 | References 54
Tenable Nessus
added 2023/10/06 12:0 a.m. | 20 views

Amazon Linux AMI : libtiff (ALAS-2023-1846)

The version of libtiff installed on the remote host is prior to 4.0.3-35.46. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1846 advisory. A NULL pointer dereference in TIFFClose is caused by a failure to open an output file non-existent path or a path that requires...

6.5 CVSS | 6.9 AI score | 0.00023 EPSS
Exploits 1 | References 4
Circl
added 2023/04/05 12:27 p.m. | 2 views

CVE-2023-1846

creationtimestamp | type | source
---|---|---
2023-04-05 12:27:49+00:00 | seen | https://t.me/cibsecurity/61436...

9.8 CVSS | 6.9 AI score | 0.00306 EPSS
Exploits 1 | References 1
CVE
added 2023/04/05 6:31 a.m. | 81 views

CVE-2023-1846

SourceCodester Online Payroll System v1.0 contains a SQL injection in /admin/deduction_row.php via the id parameter. The vulnerability allows remote exploitation and affects the file handling deduction_row.php, with exploitation documented (VDB-224986). Multiple connected sources confirm the issu...

9.8 CVSS | 8.3 AI score | 0.00306 EPSS
Exploits 1 | References 3 | Affected Software 1
Cvelist
added 2023/04/05 6:31 a.m. | 15 views

CVE-2023-1846 SourceCodester Online Payroll System deduction_row.php sql injection

A vulnerability has been found in SourceCodester Online Payroll System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/deductionrow.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has bee...

6.5 CVSS | 10 AI score | 0.00306 EPSS
Exploits 1 | References 3