MiracleLinux 4 : git-1.7.1-9.AXS4 (AXSA:2017-1899:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1899:02 advisory. Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to...

EUVD-2026-1899

A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has...

EUVD-2021-1899

Malware in sbrugna...

CVE-2024-1899

An issue in the anchors subparser of Showdownjs versions = 2.1.0 could allow a remote attacker to cause denial of service conditions...

CVE-2020-1899

The unserialize function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were static StringData objects. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56....

CVE-2002-1899

Cross-site scripting XSS vulnerability in IceWarp Web Mail 3.3.3 and 3.4.5 allows remote attackers to inject arbitrary web script or HTML via the "Full Name" addressname parameter...

Security Bulletin: IBM Fusion HCI and IBM Fusion are vulnerable to denial of service due to Node.js, isaacs node-tar, ShowdownJS

Summary IBM Fusion HCI and IBM Fusion's graphical user interface are vulnerable to a denial of service due to Node.js, isaacs node-tar, and ShowdownJS. CVE-2024-4068, CVE-2024-28863, CVE-2024-1899. Vulnerability Details CVEID:CVE-2024-4068 DESCRIPTION: Node.js braces module is vulnerable to a...

CVE-2025-1899 Tenda TX3 setPptpUserList buffer overflow

A vulnerability has been found in Tenda TX3 16.03.13.11multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack can be launched remotely. The exploit...

Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service', 'Description' = %q The vulnerability allows remote unauthenticated attackers to force...

20mk-utils (>=1.0.0 <=1.0.3), 2d-spirograph (>=1.0.2 <=1.0.4) +2111 more potentially affected by CVE-2024-1899 via showdown (>=0.0.1 <=2.1.0)

showdown NPM version =0.0.1, =1.0.0, =1.0.2, =2.0.4, =1.0.6, =0.1.4, =0.1.4, =0.1.4, =13.351.0, =13.351.0, =7.10.0, =7.10.0, =0.0.3, =0.4.15 - @adalink/spark-chat =1.0.0 and more Source cves: CVE-2024-1899 Source advisory: OSV:GHSA-RMMH-P597-PPVV...

CVE-2024-1899

creationtimestamp| type| source ---|---|--- 2024-02-26 20:31:51+00:00| seen| https://t.me/ctinow/193723 2024-02-26 20:31:56+00:00| seen| https://t.me/ctinow/193728...

CVE-2024-1899 Showdownjs Denial of Service

An issue in the anchors subparser of Showdownjs versions = 2.1.0 could allow a remote attacker to cause denial of service conditions...

CVE-2024-1899

CVE-2024-1899 affects ShowdownJS (the anchors subparser) where versions

com.github.linyuzai:concept-plugin-spring-boot-starter (>=2.0.0 <=3.0.0), org.webjars.npm:github-com-showdownjs-ng-showdown (=1.1.0) +3 more potentially affected by CVE-2024-1899 via org.webjars.npm:showdown (>=1.9.1 <=2.1.0)

org.webjars.npm:showdown MAVEN version =1.9.1, =2.0.0, =1.0.2, =1.0.3 - org.webjars.npm:showdown-prism =0.2.0 Source cves: CVE-2024-1899 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-8685132...

org.webjars:angular-markdown-directive (=0.3.0) potentially affected by CVE-2024-1899 via org.webjars:showdown (=0.3.1)

org.webjars:showdown MAVEN version =0.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars:showdown and may be impacted: - org.webjars:angular-markdown-directive =0.3.0 Source cves: CVE-2024-1899 Source advisory: SNYK:JAVA-ORGWEBJARS-8685134...

org.webjars.bower:ng-swagger-ui (=0.0.4) potentially affected by CVE-2024-1899 via org.webjars.bower:showdown (=1.7.6)

org.webjars.bower:showdown MAVEN version =1.7.6 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.bower:showdown and may be impacted: - org.webjars.bower:ng-swagger-ui =0.0.4 Source cves: CVE-2024-1899 Source advisory:...

Amazon Linux AMI : kernel (ALAS-2024-1899)

The version of kernel installed on the remote host is prior to 4.14.334-177.552. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1899 advisory. 2024-07-03: CVE-2023-52813 was added to this advisory. 2024-06-07: CVE-2023-52881 was added to this advisory...

CVE-2023-1899

Atlas Copco Power Focus 6000 web server is not a secure connection by default, which could allow an attacker to gain sensitive information by monitoring network traffic between user and controller...

CVE-2023-1899

Atlas Copco Power Focus 6000 web server is affected by CVE-2023-1899 (cleartext transmission of sensitive information). Public documents confirm that the Power Focus 6000 web interface does not use a secure connection by default, enabling potential interception of credentials or sensitive data ov...

SUSE CVE-2022-1899

Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0...