CVE-2026-1871 Authenticated Stack-based Buffer Overflow in RTSP Authentication of Tapo C200

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

RHEL 9 : Red Hat JBoss Enterprise Application Platform 8.1.4 (RHSA-2026:1871)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1871 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release o...

EUVD-2006-4427

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-1871

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001...

CVE-2025-1871

creationtimestamp| type| source ---|---|--- 2025-03-03 13:30:11+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6196 2025-03-03 15:32:51+00:00| seen| https://t.me/cvedetector/19346...

CVE-2025-1871 SQL injection vulnerability in 101news

SQL injection vulnerability have been found in 101news affecting version 1.0 through the "category" and "subcategory" parameters in admin/add-subcategory.php...

CVE-2020-1871

creationtimestamp| type| source ---|---|--- 2024-03-19 12:41:40+00:00| seen| https://t.me/ctinow/211406...

CVE-2024-1871

CVE-2024-1871 concerns SourceCodester Employee Management System 1.0 — specifically the Project Assignment Report component. The vulnerability exists in the unknown function handling the file /process/assignp.php where the pname argument can be manipulated to trigger a cross-site scripting (XSS) ...

Amazon Linux AMI : golang (ALAS-2023-1871)

The version of golang installed on the remote host is prior to 1.20.10-1.48. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1871 advisory. Line directives //line can be used to bypass the restrictions on //go:cgo directives, allowing blocked linker and...

1871.com Cross Site Scripting vulnerability OBB-3274571

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2023-1871

CVE-2023-1871 refers to the YourChannel WordPress plugin (

CVE-2023-1871 YourChannel <= 1.2.4 - Cross-Site Request Forgery to Plugin Language Translation Reset

The YourChannel plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.4. This is due to missing or incorrect nonce validation on the deleteLang function. This makes it possible for unauthenticated attackers to reset the plugin's quick language...

WordPress YourChannel: Everything you want in a YouTube Plugin <= 1.2.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software YourChannel: Everything you want in a YouTube Type Plugin Vulnerable versions = 1.2.4 Fixed in 1.2.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-1871 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 13f3e227516...

SUSE CVE-2021-1871

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this...

Amazon Linux 2 : pcre2 (ALAS-2022-1871)

The version of pcre2 installed on the remote host is prior to 10.23-11. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1871 advisory. An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the...

CVE-2022-1871

creationtimestamp| type| source ---|---|--- 2022-07-28 02:11:57+00:00| seen| https://t.me/cibsecurity/47154...

CVE-2022-1871

Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted HTML page...

CVE-2022-1871

Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted HTML page...

CVE-2022-1871

Chromium/Google Chrome 102.x are affected by CVE-2022-1871: Insufficient policy enforcement in the File System API allows a user-trathan to bypass file system policy via a crafted HTML page after installing a malicious extension. Root cause: insufficient policy enforcement in the File System API....

CVE-2015-1871

...