CVE-2025-1866

A flaw was found in warmcat libwebsockets. This vulnerability allows pointer manipulation, potentially leading to out-of-bounds memory access via specific CMake configurations on the Win32 platform. Mitigation Mitigation for this issue is either not available or the currently available options do...

CVE-2025-1866

creationtimestamp| type| source ---|---|--- 2025-03-03 09:35:35+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6165 2025-03-03 11:21:29+00:00| seen| https://t.me/cvedetector/19316 2025-03-03 12:44:51+00:00| seen|...

CVE-2025-1866

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in code built specifically for the Win32...

CVE-2025-1866

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in code built specifically for the Win32...

CVE-2025-1866

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in code built specifically for the Win32...

CVE-2025-1866 Undefined Behavior Due to Out-of-Bounds Pointer Arithmetic in libwebsockets

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in code built specifically for the Win32...

CVE-2024-20134

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09154589; Issue ID: MSV-1866...

CVE-2024-20134

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09154589; Issue ID: MSV-1866...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1866)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-1866

creationtimestamp| type| source ---|---|--- 2024-02-27 23:26:34+00:00| seen| https://t.me/ctinow/194939 2024-02-27 23:26:48+00:00| seen| https://t.me/ctinow/194950...

RHCOS 4 : OpenShift Container Platform 4.10.58 (RHSA-2023:1866)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1866 advisory. - jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin CVE-2023-25761 - jenkins-2-plugins/pipeline-build-step: Stored X...

CVE-2014-1866

The connected VERACODE entry documents a vulnerability in fat_free_crm: Information leakage via error pages. The root cause is that consider_all_requests_local is set to true by default in production, causing 404 and 500 error pages to expose server setup information. The document does not provid...

CVE-2023-1866

creationtimestamp| type| source ---|---|--- 2023-04-05 18:40:16+00:00| seen| https://t.me/cibsecurity/61466...

CVE-2023-1866 YourChannel <= 1.2.4 - Cross-Site Request Forgery to Plugin Channel Reset

The YourChannel plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.4. This is due to missing or incorrect nonce validation on the clearKeys function. This makes it possible for unauthenticated attackers to reset the plugin's channel settings via...

SUSE CVE-2016-1866

Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream...

Amazon Linux 2 : java-17-amazon-corretto (ALAS-2022-1866)

The version of java-17-amazon-corretto installed on the remote host is prior to 17.0.5+8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1866 advisory. Title: Wider MultiByte conversionsBuffer overflow is possible due to incorrect byte count should be...

CVE-2022-1866

creationtimestamp| type| source ---|---|--- 2022-07-28 02:11:50+00:00| seen| https://t.me/cibsecurity/47149...

CVE-2022-1866

Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions...

UBUNTU-CVE-2022-1866

Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions...

CVE-2022-1866

Chromium/Google Chrome on ChromeOS Tablet Mode is affected by CVE-2022-1866 (Use-after-free in Tablet Mode). The underlying issue is a use-after-free that can lead to heap corruption when a user is steered through specific interactions. Affected versions are Chrome/Chromium prior to 102.0.5005.61...