119 matches found
MAL-2026-1898 Malicious code in curl-requester (PyPI)
--- -= Per source details. Do not edit below this line.=-...
CVE-2026-1898
A vulnerability was determined in WeKan up to 8.20. This affects an unknown part of the file packages/wekan-ldap/server/syncUser.js of the component LDAP User Sync. This manipulation causes improper access controls. It is possible to initiate the attack remotely. Upgrading to version 8.21 is able...
Linux Distros Unpatched Vulnerability : CVE-2020-1898
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fbunserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to...
CVE-2024-1898
Improper access control in the notification feature in Devolutions Server 2023.3.14.0 and earlier allows a low privileged user to change notifications settings configured by an administrator...
CVE-2021-1898
Possible buffer over-read due to incorrect overflow check when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...
CVE-2020-1898
The fbunserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to recurse, leading to stack exhaustion. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58....
CVE-2012-1898
Multiple cross-site scripting (XSS) vulnerabilities in wolfcms/admin/user/add in Wolf CMS 0.75 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, or (3) userusername parameters...
Linux Distros Unpatched Vulnerability : CVE-2022-1898
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-1898) Note that Nessus relies on the presence of the package as reported by the vendor...
CVE-2025-1898
creationtimestamp| type| source
---|---|---
2025-03-04 02:30:43+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6308
2025-03-04 04:01:29+00:00| published-proof-of-concept| Telegram/G-Dgh76ejdqy6O6AaeZLOjAjPiO1ICTKm7oDwNqDwOMGvk
2025-03-04 04:07:30+00:00| seen|...
CVE-2025-1898
A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely. The...
CVE-2024-1898
creationtimestamp| type| source
---|---|---
2024-03-05 23:26:43+00:00| seen| https://t.me/ctinow/200815
2024-03-05 23:26:48+00:00| seen| https://t.me/ctinow/200820...
CVE-2024-1898
CVE-2024-1898 : Devolutions Server (versions up to 2023.3.14.0) has improper access control in the notification feature, allowing a low-privileged user to change administrator-configured notification settings. The root cause is access control weakness that lets non-admins modify admin-defined con...
Amazon Linux AMI : openssh (ALAS-2023-1898)
The version of openssh installed on the remote host is prior to 7.4p1-22.81. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1898 advisory. AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A...
Rocky Linux 8 : fapolicyd (RLSA-2022:1898)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1898 advisory. - A vulnerability was found in fapolicyd. The vulnerability occurs due to an assumption on how glibc names the runtime linker, a build time regular expression ma...
BELL-CVE-2022-1898 CVE-2022-1898 does not affect BellSoft software
Bulletin has no description...
CVE-2023-1898
Atlas Copco Power Focus 6000 web server uses a small amount of session ID numbers. An attacker could enter a session ID number to retrieve data for an active user’s session...
CVE-2023-1898
CVE-2023-1898 affects Atlas Copco Power Focus 6000 web server. The issue is a small space of session IDs that could allow an attacker to enter a valid session ID and retrieve data for an active user’s session. Reported as a high-severity, remotely exploitable condition with low attack complexity ...
EulerOS Virtualization 3.0.2.0 : vim (EulerOS-SA-2023-1736)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read in vim/vim prior to 8.2. CVE-2022-0319 - Use After Free in GitHub repository vim/vim prior to 8.2. CVE-2022-0413,...
Rocky Linux 8 : java-17-openjdk (RLSA-2023:1898)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1898 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected...
RHEL 8 : java-17-openjdk (RHSA-2023:1898)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1898 advisory. The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixe...