101 matches found
RHCOS 6 : ruby193-rubygem-activerecord (RHSA-2013:0699)
The remote Red Hat Enterprise Linux CoreOS 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0699 advisory. - rubygem-activerecord: attribute_dos Symbol DoS vulnerability (CVE-2013-1854) Note that Nessus has not tested for this issue but has instead...
CVE-2012-1854
creationtimestamp | type | source
---|---|---
2026-04-13 18:00:02+00:00 | exploited | https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5bcfae49-c2a1-49d8-a588-65ac74882fb9
2026-04-13 18:07:38+00:00 | seen | https://feedsin.space/feed/CISAKevBot/items/6244769
2026-04-13...
Linux Distros Unpatched Vulnerability : CVE-2016-1854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2024-1854
The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blockId parameter in all versions up to, and including, 4.5.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2021-1854
A call termination issue was addressed with improved logic. This issue is fixed in iOS 14.5 and iPadOS 14.5. A legacy cellular network can automatically answer an incoming call when an ongoing call ends or drops...
CVE-2010-1854
Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the id_auk parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; th...
CVE-2025-1854
creationtimestamp | type | source
---|---|---
2025-03-03 07:29:36+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/6154
2025-03-03 09:40:58+00:00 | seen | https://t.me/cvedetector/19308
2025-08-16 01:45:15+00:00 | seen | MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0
2025-08-19...
CVE-2025-1854
A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/delmember.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2024-1854
creationtimestamp | type | source
---|---|---
2024-03-13 17:37:05+00:00 | seen | https://t.me/ctinow/206938...
CVE-2024-1854
CVE-2024-1854 (WordPress plugin: Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates) The vulnerability is a Stored XSS in the blockId parameter across all versions up to and including 4.5.1 of the Essential Blocks plugin for WordPress. The root cause is insufficient input sani...
WordPress Essential Blocks for Gutenberg Plugin <= 4.5.1 is vulnerable to Cross Site Scripting (XSS)
Software: Essential Blocks for Gutenberg; Type: Plugin; Vulnerable versions: <= 4.5.1; Fixed in: 4.5.2; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-1854; Patch priority: Low; CVSS severity: Low (6.5); PSID: 5f950450ff21; Credits: WordFence...
CVE-2023-1854
creationtimestamp | type | source
---|---|---
2023-04-05 12:28:01+00:00 | seen | https://t.me/cibsecurity/61443...
CVE-2023-1854
CVE-2023-1854 — SourceCodester Online Graduate Tracer System 1.0 : A vulnerability in an unknown function in admin/ leads to session expiration. It can be exploited remotely, and the exploit has been disclosed publicly. Public sources (NVD) rate the impact as high (CVSSv3.1: 9.8) with network acc...
Amazon Linux 2 : systemd (ALAS-2022-1854)
The version of systemd installed on the remote host is prior to 219-78. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1854 advisory. It was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is...
CVE-2022-1854
Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-1854
Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-1854
This CVE concerns Google Chrome’s ANGLE component and is caused by a Use-after-Free leading to potential heap corruption via a crafted HTML page. Affected software is Chrome (ANGLE) prior to version 102.0.5005.61. The issue is reported across multiple sources (e.g., Debian advisory for chromium, ...
CVE-2022-1854
Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-1854
Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Fedora: Security Advisory for chromium (FEDORA-2022-bcb096166f)
The remote host is missing an update for the...