109 matches found
CVE-2026-1976 Free5GC SMF SessionDeletionResponse null pointer dereference
A weakness has been identified in Free5GC up to 4.1.0. Affected is the function SessionDeletionResponse of the component SMF. This manipulation causes a null pointer dereference. The attack can be carried out remotely. The exploit has been made available to the public and could be used f...
MiracleLinux 4 : tomcat6-6.0.24-55.AXS4 (AXSA:2013-467:03)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-467:03 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Jav...
CVE-2005-1976
Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files...
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2025-1976)
The remote host is missing an update for the Huawei EulerOS...
Linux Distros Unpatched Vulnerability : CVE-2022-1976
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's implementation of IO-URING. This flaw allows an attacker with local executable permission to create a string of requests...
CVE-2021-1976
A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...
Amazon Linux AMI : freetype (ALAS-2025-1976)
The version of freetype installed on the remote host is prior to 2.3.11-19.17. It is, therefore, affected by a vulnerability as referenced in the ALAS-2025-1976 advisory. An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related ...
CISA Adds Actively Exploited Broadcom and Commvault Flaws to KEV Database
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two high-severity security flaws impacting Broadcom Brocade Fabric OS and Commvault Web Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities...
CVE-2025-1976
Summary: CVE-2025-1976 affects Brocade Fabric OS 9.1.0 through 9.1.1d6. A local user with admin privileges can execute arbitrary code with full root privileges due to a design flaw in Fabric OS, effectively a local code-execution vulnerability. Impact: allows full compromise of the host system wh...
CVE-2025-1976
Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value:...
CVE-2024-1976
creationtimestamp | type | source
---|---|---
2024-02-29 07:22:11+00:00 | seen | https://t.me/ctinow/196282
2024-02-29 07:26:54+00:00 | seen | https://t.me/ctinow/196299...
CVE-2024-1976
The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...
CVE-2024-1976 Marketing Optimizer <= 20200925 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...
CVE-2024-1976
CVE-2024-1976 : Marketing Optimizer (WordPress plugin) is vulnerable to Cross-Site Request Forgery that can lead to Stored Cross-Site Scripting via admin/main-settings-page.php. The issue arises from missing or incorrect nonce validation, allowing unauthenticated attackers to update plugin settin...
WordPress Marketing Optimizer Plugin <= 20200925 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Marketing Optimizer; Type: Plugin; Vulnerable versions: <= 20200925; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-1976; Patch priority: Low; CVSS severity: Low 7.1; PSID: 0dafd9769ab2; Credits: suzuki kaito...
Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2023-1976)
The remote host is missing an update for the Huawei EulerOS...
RHEL 9 : qatzip (RHSA-2023:1976)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1976 advisory. QATzip is a user space library which builds on top of the Intel QuickAssist Technology user space library, to provide extended accelerated compressio...
CVE-2023-1976
creationtimestamp | type | source
---|---|---
2023-04-11 14:23:26+00:00 | seen | https://t.me/cibsecurity/61845...
CVE-2023-1976 Password Aging with Long Expiration in answerdev/answer
Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6...