CVE-2026-1952

creationtimestamp| type| source ---|---|--- 2026-04-24 08:14:28+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mka3hcifxf2t 2026-04-24 09:00:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116458863177154548 2026-04-24 09:00:31+00:00| seen|...

CVE-2026-1952

Delta Electronics AS320T has denial of service via the undocumented subfunction vulnerability...

CVE-2026-1952

Technical details for CVE-2026-1952 are not publicly available in the provided documents. Monitor for updates from Delta Electronics or CVE databases.

MiracleLinux 4 : thunderbird-38.7.0-1.AXS4 (AXSA:2016-141:03)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-141:03 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security issues fixed with this release: CVE-2016-1952 Multiple unspecified...

MiracleLinux 3 : xen-3.0.3-64.3.1AXS3 (AXSA:2008-458:03)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-458:03 advisory. The xen packages contain tools for managing the virtual machine monitor Bugs fixed: CVE-2008-1945 QEMU 0.9.0 does not properly handle changes to...

Huawei EulerOS: Security Advisory for gnupg2 (EulerOS-SA-2025-1952)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-1952

Mattermost version 8.1.x before 8.1.9 fails to sanitize data associated with permalinks when a plugin updates an ephemeral post, allowing an authenticated attacker who can control the ephemeral post update to access individual posts' contents in channels they are not a member of...

CVE-2023-1952

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been classified as critical. This affects an unknown part of the file /?p=products of the component Product Search. The manipulation of the argument search leads to sql injection. It is possible to initiate t...

CVE-2025-1952

creationtimestamp| type| source ---|---|--- 2025-03-04 19:33:53+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6406 2025-03-04 20:30:33+00:00| published-proof-of-concept| Telegram/uO4-Qul7w7ID54-GkK-nwtgYxRoOc9cRXoMqAzCo91rGeSE 2025-03-04 21:15:04+00:00| seen|...

CVE-2025-1952 PHPGurukul Restaurant Table Booking System password-recovery.php sql injection

A vulnerability, which was classified as critical, was found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/password-recovery.php. The manipulation of the argument username/mobileno leads to sql injection. It is possible to launch the attack...

CVE-2025-1952

CVE-2025-1952 affects PHPGurukul Restaurant Table Booking System 1.0. The vulnerability is an SQL injection in /admin/password-recovery.php via the username/mobileno parameter, caused by lack of input validation. It is exploitable remotely and has been publicly disclosed; multiple sources classif...

Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2024-1952)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-30312 TALOS-2024-1952 - Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability

Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2024-1952

creationtimestamp| type| source ---|---|--- 2024-02-29 12:31:59+00:00| seen| https://t.me/ctinow/196567 2024-02-29 12:32:13+00:00| seen| https://t.me/ctinow/196575...

CVE-2024-1952

Mattermost 8.1.x prior to 8.1.9 fails to sanitize data associated with permalinks when a plugin updates an ephemeral post, enabling an authenticated attacker who can control the ephemeral post update to access contents of individual posts in channels they are not a member of. Affected product/ver...

CVE-2023-1952

The CVE-2023-1952 entry concerns SourceCodester Online Computer and Laptop Store 1.0 where the Product Search component’s /?p=products endpoint accepts a search parameter that is vulnerable to SQL injection. The vulnerability allows remote exploitation and has publicly disclosed exploit details; ...

SUSE CVE-2016-1952

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

CVE-2022-1952 eaSYNC < 1.1.16 - Unauthenticated Arbitrary File Upload

The Free Booking Plugin for Hotels, Restaurant and Car Rental WordPress plugin before 1.1.16 suffers from insufficient input validation which leads to arbitrary file upload and subsequently to remote code execution. An AJAX action accessible to unauthenticated users is affected by this issue. An...

CVE-2022-1952

The CVE-2022-1952 issue affects the WordPress eaSYNC Booking plugin (Hotels/Restaurant/Car Rental) versions prior to 1.1.16. It stems from insufficient input validation of an AJAX action, with an allowlist of valid file extensions defined but not used during validation. This leads to arbitrary fi...

CVE-2022-1952

creationtimestamp| type| source ---|---|--- 2022-06-30 09:48:06+00:00| published-proof-of-concept| Telegram/NeKXnTM2sAZzsr0TQAi-bPyfhrvmFH-23PGtGnpZ0v7g30Y 2022-07-11 16:19:21+00:00| seen| https://t.me/cibsecurity/45914 2024-11-24 00:00:00+00:00| seen| The Shadowserver...