84 matches found
CVE-2026-1879

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-01 12:13:24+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3migo3epl5c25... |

CVE-2026-1879 Harvard University IQSS Dataverse Theme Customization ThemeAndWidgets.xhtml unrestricted upload
A vulnerability was detected in Harvard University IQSS Dataverse up to 6.8. This affects an unknown function of the file /ThemeAndWidgets.xhtml of the component Theme Customization. Performing a manipulation of the argument uploadLogo results in unrestricted upload. Remote exploitation of the...
RHSA-2024:1879

| creationtimestamp | type | source |
|---|---|---|
| 2025-08-18 09:06:39+00:00 | seen | Telegram/nf9XZ1EnojkXdV1FR02Ce4mSlWf0BeretyAUD2ZOqWynuI... |

CVE-2021-1879
This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been...
CVE-2020-1879
There is an improper integrity checking vulnerability on some Huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications. Affected product versions include: HEGE-560 versions...
CVE-2025-1879

| creationtimestamp | type | source |
|---|---|---|
| 2025-03-03 21:46:05+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114100690253927235 |
| 2025-03-03 23:44:34+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3ljj4yihxnd2v |
| 2025-03-03 23:56:16+00:00 | seen | https://t.me/cvedetector/194... |

CVE-2025-1879 i-Drive i11/i12 APK hard-coded credentials
A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. It was not possible to...
CVE-2024-1879
A Cross-Site Request Forgery (CSRF) vulnerability in significant-gravitas/autogpt version v0.5.0 allows attackers to execute arbitrary commands on the AutoGPT server. The vulnerability stems from the lack of protections on the API endpoint receiving instructions, enabling an attacker to direct a us...
CVE-2024-1879 CSRF to RCE in significant-gravitas/autogpt
A Cross-Site Request Forgery (CSRF) vulnerability in significant-gravitas/autogpt version v0.5.0 allows attackers to execute arbitrary commands on the AutoGPT server. The vulnerability stems from the lack of protections on the API endpoint receiving instructions, enabling an attacker to direct a us...
AlmaLinux 9 : gnutls (ALSA-2024:1879)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1879 advisory. - A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to...
Oracle Linux 9 : gnutls (ELSA-2024-1879)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1879 advisory. 3.7.6-23.4 - Fix timing side-channel in deterministic ECDSA RHEL-28958 - Fix potential crash during chain building/verification RHEL-28953 Tenable has...
Amazon Linux AMI : php56 (ALAS-2023-1879)
The version of php56 installed on the remote host is prior to 5.6.40-1.144. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1879 advisory. In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause...
RHEL 9 : java-17-openjdk (RHSA-2023:1879)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1879 advisory. The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixe...
CVE-2023-1879

| creationtimestamp | type | source |
|---|---|---|
| 2023-04-05 20:26:43+00:00 | seen | https://t.me/cibsecurity/61487... |

CVE-2023-1879 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...
CVE-2023-1879
CVE-2023-1879 affects thorsten/phpmyfaq before version 3.1.12, where a stored XSS vulnerability exists due to improper sanitization in the updatecategory parameter. The issue can lead to execution of malicious scripts when affected data is accessed. Public documents consistently cite the fix in v...