RHCOS 6 : haproxy (RHSA-2013:0729)
The remote Red Hat Enterprise Linux CoreOS 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2013:0729 advisory. - haproxy: rewrite rules flaw can lead to arbitrary code execution CVE-2013-1912 Note that Nessus has not tested for this issue but has inste...
MiracleLinux 7 : openssh-7.4p1-11.el7 (AXSA:2017-1912:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1912:03 advisory. SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide...
MiracleLinux 4 : python-2.6.6-64.0.1.AXS4 (AXSA:2015-418:02)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-418:02 advisory. Coherence is a framework written in Python enabling applications to participate in digital living networks, such as the UPnP universe. Security issue...
CVE-2025-1912
The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.0 via the validate_file function. This makes it possible for authenticated attackers, with Administrator-level...
EUVD-2022-32004
Malicious code in bioql PyPI...
CVE-2025-1912
creationtimestamp | type | source
---|---|---
2025-03-26 12:26:12+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/8836
2025-03-26 13:53:18+00:00 | seen | https://t.me/cvedetector/21168
2025-03-26 14:00:41+00:00 | seen | Telegram/9ygORz8uFpOyzUmiTv6QZpRvPun4GO9rO4jZzSyxGAjKx7I...
CVE-2025-1912 Product Import Export for WooCommerce <= 2.5.0 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function
The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.0 via the validate_file function. This makes it possible for authenticated attackers, with Administrator-level...
CVE-2025-1912
CVE-2025-1912 affects the WordPress plugin “Product Import Export for WooCommerce – Import Export Product CSV Suite.” The Red Hat advisory confirms the issue as a Server-Side Request Forgery (SSRF) in the validate_file() path, affecting all versions up to 2.5.0. An attacker who has Administrator-...
CVE-2022-1912
The Button Widget Smartsoft plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation on the smartsoftbuttonsettings page. This makes it possible for unauthenticated attackers to update the plugin's settings an...
Working Directory ignored for first application launch after upgrading to 1912 CU9 VDA
This known issue affects published applications in Multi-Session VDAs. VDAs are upgraded to 1912 CU9. Launching the first Published Application fails. Any subsequent application launch succeeds. In certain cases, the initial launch of the published application is successful but results in a...
Rocky Linux 8 : firefox (RLSA-2024:1912)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1912 advisory. - The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This...
CentOS 8 : firefox (CESA-2024:1912)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:1912 advisory. - The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This...
Oracle Linux 8 : firefox (ELSA-2024-1912)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-1912 advisory. 115.10.0-1.0.1 - Change default prefs file to Oracle version 115.10.0-1 - Update to 115.10.0 build1 Tenable has extracted the preceding description blo...
RHEL 8 : firefox (RHSA-2024:1912)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1912 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
CVE-2024-1912
creationtimestamp | type | source
---|---|---
2024-02-27 12:32:02+00:00 | seen | https://t.me/ctinow/194311
2024-03-14 12:56:15+00:00 | seen | https://t.me/ctinow/207681...
CVE-2024-1912
The CVE-2024-1912 entry concerns the Categorify WordPress plugin (versions up to and including 1.0.7.4). The underlying issue is missing or incorrect nonce validation in the categorifyAjaxUpdateFolderPosition function, enabling CSRF: unauthenticated attackers could forge requests to alter categor...
Amazon Linux AMI : kernel (ALAS-2024-1912)
The version of kernel installed on the remote host is prior to 4.14.336-179.557. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1912 advisory. An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 netfilter:...
Citrix Session Recording Security Bulletin for CVE-2023-6184
A vulnerability has been discovered in Citrix Session Recording, which, if exploited, may result in an authenticated user being able to perform an RCE. Affected Versions: The following supported versions of Citrix Session Recording are affected by the vulnerability: Current Release CR Citrix...