CVE-2012-1909

creationtimestamp| type| source ---|---|--- 2026-05-06 07:21:34+00:00| seen| https://gist.github.com/LarryRuane/7a1ea41744a1068e069a91304ca29c4a...

RHSA-2026:1909 Red Hat Security Advisory: kernel security update

Bulletin has no description...

CVE-2005-1909

The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log files via a "...

CVE-2025-1909

The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for...

CVE-2024-1909

The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxRenameCategory function. This makes it possible for unauthenticated attackers to rename categori...

CVE-2021-1909

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music,...

CVE-2020-1909

A use-after-free in a logging library in WhatsApp for iOS prior to v2.20.111 and WhatsApp Business for iOS prior to v2.20.111 could have resulted in memory corruption, crashes and potentially code execution. This could have happened only if several events occurred together in sequence, including...

CVE-2002-1909

Click2Learn Ingenium Learning Management System 5.1 and 6.1 stores the hashed administrative password in a config.txt file under the htdocs directory, which allows remote attackers to obtain the administrative password...

CVE-2025-1909

creationtimestamp| type| source ---|---|--- 2025-05-05 20:20:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14984 2025-05-05 20:36:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3loh7uj3n3u2p 2026-05-26 14:12:37+00:00| seen|...

CVE-2025-1909

The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for...

CVE-2025-1909

The CVE describes an authentication bypass in the WordPress BuddyBoss Platform Pro plugin (WordPress). Affected versions: up to and including 2.7.01. Root cause: insufficient verification on the user supplied during the Apple OAuth authentication request, allowing unauthenticated attackers to log...

Fortinet SSH Backdoor Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortinet SSH Backdoor Scanner', 'Description' = %q This module scans for the Fortinet SSH backdoor. , 'Author' = 'operator8203 ', PoC 'wvu' Modul...

RHEL 6 : python-qpid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-qpid: client does not validate qpid server TLS/SSL certificate CVE-2013-1909 Note that Nessus has not tested...

RHEL 8 : firefox (RHSA-2024:1909)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1909 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

Microsoft Windows 10 1909 Pro SEoL

Microsoft Windows 10 1909 Pro is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

CVE-2024-1909

creationtimestamp| type| source ---|---|--- 2024-02-27 12:32:00+00:00| seen| https://t.me/ctinow/194309 2024-02-27 12:32:13+00:00| seen| https://t.me/ctinow/194320 2024-03-14 13:26:13+00:00| seen| https://t.me/ctinow/207703...

CVE-2024-1909

The Categorify WordPress plugin (Categories/Media Library) is affected by a CSRF vulnerability (CVE-2024-1909) due to missing nonce validation in the categorifyAjaxRenameCategory path. Affected versions are up to 1.0.7.4. The issue allows unauthenticated attackers to rename categories by triggeri...

Amazon Linux AMI : tomcat8 (ALAS-2024-1909)

The version of tomcat8 installed on the remote host is prior to 8.5.96-1.96. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1909 advisory. Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.1...

RHEL 9 : java-1.8.0-openjdk (RHSA-2023:1909)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1909 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

Oracle Linux 9 : java-1.8.0-openjdk (ELSA-2023-1909)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1909 advisory. 1.8.0.372.b07-1.0.1 - Replace upstream references Orabug: 34340145 1:1.8.0.372.b07-1 - Update to shenandoah-jdk8u372-b07 GA - Update release notes for...