MiracleLinux 4 : mesa-9.0-0.8.AXS4.3 (AXSA:2013-500:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-500:03 advisory. Mesa Security issues fixed with this release: CVE-2013-1872 No description available at the time of writing, please refer to the CVE links below...

Linux Distros Unpatched Vulnerability : CVE-2023-1872

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability in the Linux Kernel iouring system can be exploited to achieve local privilege escalation. The iofilegetfixed function lacks the...

CVE-2024-20132

In Modem, there is a possible out of bonds write due to a mission bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00957388; Issue ID: MSV-1872...

CVE-2020-1872

Huawei smart phones P10 Plus with versions earlier than 9.1.0.201C01E75R1P12T8, earlier than 9.1.0.252C185E2R1P9T8, earlier than 9.1.0.252C432E4R1P9T8, and earlier than 9.1.0.255C576E6R1P8T8 have a digital balance bypass vulnerability. When re-configuring the mobile phone at the digital balance...

CVE-2010-1872

Cross-site scripting XSS vulnerability in cPlayer.php in FlashCard 2.6.5 and 3.0.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: some of these details are obtained from third party information...

CVE-2025-1872

creationtimestamp| type| source ---|---|--- 2025-03-03 13:30:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6198 2025-03-03 15:32:52+00:00| seen| https://t.me/cvedetector/19347...

CVE-2025-1872

CVE-2025-1872 describes a SQL injection in the 101news application affecting version 1.0, exposed through the sadminusername parameter in admin/add-subadmins.php. The vulnerability is supported by multiple sources in the connected set (NVD and Red Hat/CVEs references, with accompanying CVSS 3.1 a...

CVE-2024-20132

In Modem, there is a possible out of bonds write due to a mission bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00957388; Issue ID: MSV-1872...

AlmaLinux 9 : mod_http2 (ALSA-2024:1872)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:1872 advisory. - HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop...

Oracle Linux 9 : mod_http2 (ELSA-2024-1872)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1872 advisory. 1.15.19-5.1 - Resolves: RHEL-29826 - modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 Tenable has extracted the preceding description block directly from...

CVE-2024-1872

CVE-2024-1872 affects Button for WordPress (all versions

WordPress Button Plugin <= 1.1.27 is vulnerable to PHP Object Injection

Software Button Type Plugin Vulnerable versions = 1.1.27 Fixed in 1.1.28 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-1872 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID d7ad40b2deb7 Credits Francesco Carlucci Required privilege...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-2755)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-2647)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LSN-0095-1: Kernel Live Patch Security Notice

It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.CVE-2023-0386 It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel...

SUSE SLES15 Security Update : kernel (Live Patch 28 for SLE 15 SP3) (SUSE-SU-2023:2416)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2416 advisory. - There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the...

SUSE SLES15 Security Update : kernel (Live Patch 31 for SLE 15 SP3) (SUSE-SU-2023:2401)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2401 advisory. - A use-after-free vulnerability in the Linux Kernel iouring system can be exploited to achieve local privilege escalation. The iofilegetfixed...

Ubuntu: Security Advisory (USN-6133-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6133-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6133-1 advisory. It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some...

CVE-2023-1872 affecting package kernel for versions less than 5.15.111.1-1

CVE-2023-1872 affecting package kernel for versions less than 5.15.111.1-1. A patched version of the package is available...