MiracleLinux 4 : cyrus-imapd-2.3.16-6.AXS4.3 (AXSA:2011-675:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-675:01 advisory. The cyrus-imapd package contains the core of the Cyrus IMAP server. It is a scaleable enterprise mail system designed for use from small to large...

EUVD-2021-1926

Malware in sbrugna...

CVE-2025-1926

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.8. This is due to missing or incorrect nonce validation on the pagelayersavepost function. This makes it possible for...

CVE-2025-1926

creationtimestamp| type| source ---|---|--- 2025-03-10 04:37:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6979 2025-03-10 07:30:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljyzsibook2s 2025-03-10 08:09:57+00:00| seen|...

CVE-2025-1926 Page Builder: Pagelayer – Drag and Drop website builder <= 1.9.8 - Cross-Site Request Forgery (CSRF) To Post Contents Modification

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.8. This is due to missing or incorrect nonce validation on the pagelayersavepost function. This makes it possible for...

CVE-2025-1926 Page Builder: Pagelayer – Drag and Drop website builder <= 1.9.8 - Cross-Site Request Forgery (CSRF) To Post Contents Modification

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.8. This is due to missing or incorrect nonce validation on the pagelayersavepost function. This makes it possible for...

Amazon Linux AMI : ImageMagick (ALAS-2024-1926)

The version of ImageMagick installed on the remote host is prior to 6.9.10.68-3.22. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1926 advisory. Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial...

CVE-2024-1926

CVE-2024-1926 affects SourceCodester Free and Open Source Inventory Management System 1.0. The vulnerability is a SQL injection in the file /app/ajax/search_sales_report.php triggered by manipulating the customer parameter, with remote exploitation possible. Public disclosure exists. Impact is hi...

Rocky Linux 8 : container-tools:1.0 (RLSA-2020:1926)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:1926 advisory. - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image...

SUSE: Security Advisory (SUSE-SU-2023:1926-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-1926

creationtimestamp| type| source ---|---|--- 2023-04-07 00:27:28+00:00| seen| https://t.me/cibsecurity/61609...

CVE-2023-1926

The CVE-2023-1926 issue affects the WordPress plugin WP Fastest Cache (versions up to 1.1.2). Root cause: missing or incorrect nonce validation in the function deleteCacheToolbar allows unauthenticated attackers to trigger cache deletion via forged requests if a site admin is lured into clicking ...

CVE-2023-1926 WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'deleteCacheToolbar'

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the deleteCacheToolbar function. This makes it possible for unauthenticated attackers to perform cache deletion vi...

Remote Control Collection Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Remote Control Collection RCE', 'Description' = %q This module utilizes the Remote Control Server's, part of the Remote Control Collection by...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Digital Business Automation Workflow family products (CVE-2018-1926)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow, IBM Business Process Manager, WebSphere Process Server, WebSphere Enterprise Service Bus, and WebSphere Lombardi Edition. WebSphere Application Server Liberty is shipped as a component of the...

CVE-2014-1926

CVE-2014-1926 is rejected/not used as stated in the Initial Description.

CVE-2014-1926

...

CVE-2022-1926

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3...

CVE-2022-1926 Integer Overflow or Wraparound in polonel/trudesk

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3...

CVE-2022-1926 Integer Overflow or Wraparound in polonel/trudesk

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3...