MiracleLinux 3 : apr-util-1.2.7-7AXS3.1 (AXSA:2009-69:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-69:01 advisory. The mission of the Apache Portable Runtime APR is to provide a free library of C data structures and routines. This library contains additional utilit...

ECHO-6879-1955-7BFB

Bulletin has no description...

CVE-2021-1955

Denial of service in SAP case due to improper handling of connections when association is rejected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...

CVE-2025-1955

creationtimestamp| type| source ---|---|--- 2025-03-04 23:54:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljlnylgj722a 2025-03-05 00:12:54+00:00| seen| https://t.me/cvedetector/19558 2025-08-18 18:30:59+00:00| seen| MISP/fc16b923-3a13-4e9d-9aac-10a57cac12c7...

CVE-2025-1955

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Scheduling/scheduling/pages/profile.php. The manipulation of the argument username leads to cross site...

CVE-2025-1955 code-projects Online Class and Exam Scheduling System profile.php cross site scripting

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Scheduling/scheduling/pages/profile.php. The manipulation of the argument username leads to cross site...

CVE-2025-1955

The affected product is code-projects Online Class and Exam Scheduling System 1.0. The vulnerability is in the file /Scheduling/scheduling/pages/profile.php, where manipulating the username parameter enables cross-site scripting. The issue can be exploited remotely, and public disclosures exist. ...

CVE-2025-1955 code-projects Online Class and Exam Scheduling System profile.php cross site scripting

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Scheduling/scheduling/pages/profile.php. The manipulation of the argument username leads to cross site...

Synology DiskStation Manager Cross-site Scripting (CVE-2012-1556)

Cross-site scripting XSS vulnerability in Synology Photo Station 5 for DiskStation Manager DSM 3.2-1955 allows remote attackers to inject arbitrary web script or HTML via the name parameter to photo/photoone.php. This plugin only works with Tenable.ot. Please visit...

CVE-2024-1955 Hide Dashboard Notifications <= 1.3 - Missing Authorization to Authenticated(Contributor+) Plugin Settings Modification

The Hide Dashboard Notifications plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'warningnoticessettings' function in all versions up to, and including, 1.3. This makes it possible for authenticated attackers, with contributor acces...

CVE-2024-1955 Hide Dashboard Notifications <= 1.3 - Missing Authorization to Authenticated(Contributor+) Plugin Settings Modification

The Hide Dashboard Notifications plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'warningnoticessettings' function in all versions up to, and including, 1.3. This makes it possible for authenticated attackers, with contributor acces...

WordPress Hide Dashboard Notifications Plugin <= 1.3 is vulnerable to Broken Access Control

Software Hide Dashboard Notifications Type Plugin Vulnerable versions = 1.3 Fixed in 1.3.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1955 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 47605ad93239 Credits Francesco Carlucci...

CVE-2023-1955

creationtimestamp| type| source ---|---|--- 2023-04-08 14:28:42+00:00| seen| https://t.me/cibsecurity/61710...

CVE-2023-1955

A vulnerability classified as critical has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected is an unknown function of the file login.php of the component User Registration. The manipulation of the argument email leads to sql injection. It is possible to launch the attac...

CVE-2023-1955 SourceCodester Online Computer and Laptop Store User Registration login.php sql injection

A vulnerability classified as critical has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected is an unknown function of the file login.php of the component User Registration. The manipulation of the argument email leads to sql injection. It is possible to launch the attac...

CVE-2023-1955

CVE-2023-1955 affects SourceCodester Online Computer and Laptop Store 1.0, specifically the login.php file under the User Registration component. The vulnerability is a SQL injection caused by unsafely handling the email parameter in an unknown function, enabling remote exploitation. Public explo...

SUSE CVE-2016-1955

Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy CSP violation report that contains path information associated with an IFRAME element...

CVE-2022-34170

In Jenkins 2.320 through 2.355 both inclusive and LTS 2.332.1 through LTS 2.332.3 both inclusive the help icon does not escape the feature name that is part of its tooltip, effectively undoing the fix for SECURITY-1955, resulting in a cross-site scripting XSS vulnerability exploitable by attacker...

CVE-2022-1955

Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation...

CVE-2022-1955

creationtimestamp| type| source ---|---|--- 2022-06-30 20:38:57+00:00| seen| Telegram/2nl891CLT1QAJzGnFULjOaac3ZEKN3BJFl4K3sqCMkhp64...