119 matches found
MAL-2026-1898 Malicious code in curl-requester (PyPI)
--- -= Per source details. Do not edit below this line.=-...
CVE-2026-1898
A vulnerability was determined in WeKan up to 8.20. This affects an unknown part of the file packages/wekan-ldap/server/syncUser.js of the component LDAP User Sync. This manipulation causes improper access controls. It is possible to initiate the attack remotely. Upgrading to version 8.21 is able...
Linux Distros Unpatched Vulnerability : CVE-2020-1898
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fbunserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to...
CVE-2024-1898
Improper access control in the notification feature in Devolutions Server 2023.3.14.0 and earlier allows a low privileged user to change notifications settings configured by an administrator...
CVE-2021-1898
Possible buffer over-read due to incorrect overflow check when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...
CVE-2020-1898
The fbunserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to recurse, leading to stack exhaustion. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58....
CVE-2012-1898
Multiple cross-site scripting (XSS) vulnerabilities in wolfcms/admin/user/add in Wolf CMS 0.75 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user[name], (2) user[email], or (3) user[username] parameters...
Linux Distros Unpatched Vulnerability : CVE-2022-1898
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-1898) Note that Nessus relies on the presence of the package as reported by the vendor...
CVE-2025-1898
creationtimestamp| type| source
---|---|---
2025-03-04 02:30:43+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6308
2025-03-04 04:01:29+00:00| published-proof-of-concept| Telegram/G-Dgh76ejdqy6O6AaeZLOjAjPiO1ICTKm7oDwNqDwOMGvk
2025-03-04 04:07:30+00:00| seen|...
CVE-2025-1898
A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely. The...
CVE-2024-1898
creationtimestamp| type| source
---|---|---
2024-03-05 23:26:43+00:00| seen| https://t.me/ctinow/200815
2024-03-05 23:26:48+00:00| seen| https://t.me/ctinow/200820...
CVE-2024-1898
CVE-2024-1898 : Devolutions Server (versions up to 2023.3.14.0) has improper access control in the notification feature, allowing a low-privileged user to change administrator-configured notification settings. The root cause is access control weakness that lets non-admins modify admin-defined con...
Amazon Linux AMI : openssh (ALAS-2023-1898)
The version of openssh installed on the remote host is prior to 7.4p1-22.81. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1898 advisory. AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A...
Rocky Linux 8 : fapolicyd (RLSA-2022:1898)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1898 advisory. - A vulnerability was found in fapolicyd. The vulnerability occurs due to an assumption on how glibc names the runtime linker, a build time regular expression ma...
BELL-CVE-2022-1898 CVE-2022-1898 does not affect BellSoft software
Bulletin has no description...
CVE-2023-1898 CVE-2023-1898
Atlas Copco Power Focus 6000 web server uses a small amount of session ID numbers. An attacker could enter a session ID number to retrieve data for an active user’s session...
CVE-2023-1898
CVE-2023-1898 affects Atlas Copco Power Focus 6000 web server. The issue is a small space of session IDs that could allow an attacker to enter a valid session ID and retrieve data for an active user’s session. Reported as a high-severity, remotely exploitable condition with low attack complexity ...
EulerOS Virtualization 3.0.2.0 : vim (EulerOS-SA-2023-1736)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319) - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413,...
Rocky Linux 8 : java-17-openjdk (RLSA-2023:1898)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1898 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected...
USN-5995-1: Vim vulnerabilities | Cloud Foundry
Severity: Medium. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 18.04, Canonical Ubuntu 22.04. Description: It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to cras...