CVE-2025-1891

A vulnerability was found in shishuocms 1.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2021-1891

A possible use-after-free occurrence in audio driver can happen when pointers are not properly handled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon...

CVE-2020-1891

A user controlled parameter used in video call in WhatsApp for Android prior to v2.20.17, WhatsApp Business for Android prior to v2.20.7, WhatsApp for iPhone prior to v2.20.20, and WhatsApp Business for iPhone prior to v2.20.20 could have allowed an out-of-bounds write on 32-bit devices...

RHSA-2024:1891

creationtimestamp| type| source ---|---|--- 2025-03-26 05:24:41+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8803...

CVE-2025-1891

creationtimestamp| type| source ---|---|--- 2025-03-04 00:31:09+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6303 2025-03-04 01:36:54+00:00| seen| https://t.me/cvedetector/19432 2025-03-04 02:54:47+00:00| seen|...

CVE-2025-1891

A vulnerability was found in shishuocms 1.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-1891

A vulnerability was found in shishuocms 1.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-1891 shishuocms cross-site request forgery

A vulnerability was found in shishuocms 1.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-1891

CVE-2025-1891 affects shishuocms 1.1. The vulnerability is a cross-site request forgery (CSRF) issue and may be triggered remotely. The description indicates the exploit has been disclosed publicly. No concrete remediation or patch details are provided in the connected documents, and specific imp...

CVE-2024-1891

A stored cross site scripting vulnerability exists in Tenable Security Center where an authenticated, remote attacker could inject HTML code into a web application scan result page...

CVE-2024-1891 Stored Cross Site Scripting

A stored cross site scripting vulnerability exists in Tenable Security Center where an authenticated, remote attacker could inject HTML code into a web application scan result page...

CVE-2024-1891 Stored Cross Site Scripting

A stored cross site scripting vulnerability exists in Tenable Security Center where an authenticated, remote attacker could inject HTML code into a web application scan result page...

Tenable Security Center < 6.4.0 Multiple Vulnerabilities (TNS-2024-10)

According to its self-reported version, the Tenable Security Center running on the remote host is prior to 6.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-10 advisory. - Security Center leverages third-party software to help provide underlying...

Amazon Linux AMI : openssl (ALAS-2023-1891)

The version of openssl installed on the remote host is prior to 1.0.2k-16.165. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1891 advisory. Issue summary: Generating excessively long X9.42 DH keys or checkingexcessively long X9.42 DH keys or parameters may be very...

Rocky Linux 8 : libpq (RLSA-2022:1891)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1891 advisory. - A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption...

CVE-2023-1891 Accordion & FAQ < 1.9.9 - Reflected XSS

The Accordion & FAQ WordPress plugin before 1.9.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting...

CVE-2023-1891

CVE-2023-1891 affects the Accordion & FAQ WordPress plugin prior to 1.9.9. The vulnerability stems from not escaping generated URLs before outputting them in attributes when notices are displayed, enabling a Reflected Cross-Site Scripting (XSS) condition. Impact is described as reflected XSS, wit...

OpenCart 1.4.7 < 2.0.0.0 Directory Traversal Vulnerability

OpenCart is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:opencart:opencart"; if...

WordPress Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin Plugin < 1.9.9 is vulnerable to Cross Site Scripting (XSS)

Software Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin Type Plugin Vulnerable versions 1.9.9 Fixed in 1.9.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1891 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID...

CVE-2022-1891

CVE-2022-1891 concerns a buffer overflow in Lenovo Notebook firmware, specifically the SystemLoadDefaultDxe driver (also involving ReadyBootDxe and SystemBootManagerDxe). The root cause is insufficient validation of an NVRAM DataSize variable, enabling local privilege escalation to arbitrary code...