131 matches found
CVE-2026-1852
| creationtimestamp | type | source |
|---|---|---|
| 2026-04-15 15:46:49+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mjkajv3ytc2r... |
CVE-2026-1852 Product Pricing Table by WooBeWoo <= 1.1.0 - Cross-Site Request Forgery to Stored XSS and Pricing Table Deletion
The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the updateLabel and remove functions. This makes it possible for unauthenticated attackers to...
RockyLinux 8 : util-linux (RLSA-2026:1852)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1852 advisory. util-linux: util-linux: Heap buffer overread in setpwnam when processing 256-byte usernames CVE-2025-14104 Tenable has extracted the preceding description block...
EUVD-2016-1852
Malware in sbrugna...
ECHO-1852-84B4-4223
Bulletin has no description...
CVE-2021-1852
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.5 and iPadOS 14.5. A local user may be able to read kernel memory...
CVE-2011-1852
Multiple stack-based buffer overflows in tftpserver.exe in HP Intelligent Management Center IMC 5.0 before E0101L02 allow remote attackers to execute arbitrary code via crafted packet content accompanying a 1 DATA or 2 ERROR opcode...
CVE-2010-1852
Microsoft Internet Explorer, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a "cross-site...
CVE-2025-1852
A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112B20220316 and classified as critical. This vulnerability affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow. The attack can be initiated remotely. The...
CVE-2025-1852 Totolink EX1800T cstecgi.cgi loginAuth buffer overflow
A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112B20220316 and classified as critical. This vulnerability affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow. The attack can be initiated remotely. The...
CVE-2025-1852
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-02 20:36:33+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/114094754589427815 |
| 2025-03-03 06:29:01+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/6151 |
| 2025-03-03 07:48:44+00:00 | seen | ... |
CVE-2024-1852
The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and including, 3.4.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...
CVE-2024-1852
CVE-2024-1852 is a stored XSS in the WP-Members Membership Plugin for WordPress, exploitable via the X-Forwarded-For header. The vulnerability stems from using user-controlled HTTP headers to populate the wpmem_get_user_ip() data, which can be stored and later rendered on the admin user profile p...
Critical Security Flaw Found in Popular LayerSlider WordPress Plugin
A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password hashes. The flaw, designated as CVE-2024-2879, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as a case of SQL...
CAN-2005-1852
CAN-2005-1852 is an integer overflow in libgadu (Gadu library) that affects Kopete/Kdenetwork and ekg-related components. A remote attacker could send specially crafted Gadu-Gadu messages to trigger the overflow, potentially crashing the involved application or executing arbitrary code. Public ad...
Rocky Linux 8 : kernel (RLSA-2022:7683)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7683 advisory. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an...
Rocky Linux 8 : kernel-rt (RLSA-2022:7444)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7444 advisory. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an...
Oracle Linux 8 : patch (ELSA-2020-1852)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-1852 advisory. - CVE-2019-13636 , Dont follow symlinks unless --follow-symlinks is given Tenable has extracted the preceding description block directly from the Oracle Linux...
RHSA-2021:1852
| creationtimestamp | type | source |
|---|---|---|
| 2023-08-23 16:13:48+00:00 | seen | https://t.me/cibsecurity/69052 |
| 2025-07-01 14:11:12+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/20026... |
CVE-2023-4042
A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8...