CVE-2025-1978

creationtimestamp| type| source ---|---|--- 2026-05-07 11:09:55+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mlb3cyfts22f 2026-05-07 11:25:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlb46drpmy2o 2026-05-07 21:53:41+00:00| seen|...

EulerOS 2.0 SP13 : iputils (EulerOS-SA-2025-1978)

According to the versions of the iputils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ping in iputils through 20240905 allows a denial of service application error or incorrect data collection via a crafted ICMP Echo Reply packet,...

📄 Remote Mouse 3.303 Unauthenticated Remote System Control

Remote Mouse version 3.303 for macOS is vulnerable to unauthenticated remote power control due to weak access restrictions on UDP port 1978. An attacker on the same local network can send crafted packets to remotely shut down, restart, or log off the target system without requiring authentication...

📄 Wifi Mouse 1.9.0.8 Unauthenticated Remote System Control

Wifi Mouse version 1.9.0.8 exposes a TCP control interface on port 1978 that allows remote execution of power commands shutdown, restart, sleep, logoff via unauthenticated commands. An attacker on the same network can exploit this to disrupt the system remotely without user interaction. Exploit...

📄 Wifi Mouse 1.9.0.8 Remote Code Execution

WiFi Mouse Server version 1.9.0.8 allows unauthenticated remote code execution by simulating keyboard input over TCP port 1978. This exploit connects to the server and simulates a keystroke to delivery a reverse shell. Exploit Title: Wifi Mouse version 1.9.0.8 - Remote Code Execution Date:...

📄 Remote Mouse 4.601 Unauthenticated Remote System Control

Remote Mouse version 4.601 for Windows is vulnerable to unauthenticated remote power control due to improper access controls on UDP port 1978. An attacker on the same network can send specially crafted packets to force shutdown, restart, or log off the target system without authentication. Exploi...

📄 Remote Mouse 4.601 Privilege Escalation

Remote Mouse version 4.601 for Windows listens on UDP port 1978 and allows privilege escalation. An attacker on the same network can spawn a SYSTEM-level powershell.exe, resulting in full privilege escalation without authentication or user interaction. Exploit Title: Remote Mouse 4.601 - Local...

📄 Remote Mouse 4.601 Remote Command Execution

This exploit targets Remote Mouse version 4.6.0.1 by injecting malicious UDP packets that simulate keyboard input to execute arbitrary PowerShell commands. The vulnerability exists in the way Remote Mouse processes unauthenticated UDP commands on port 1978 by sending specially crafted packets...

Amazon Linux AMI : ghostscript (ALAS-2025-1978)

The version of ghostscript installed on the remote host is prior to 8.70-24.35. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1978 advisory. PS interpreter - check the type of the Pattern Implementation NOTE:...

Oracle Secure Backup Authentication Bypass / Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability', 'Description' = %q This module exploits an authentication bypass...

CVE-2024-1978

creationtimestamp| type| source ---|---|--- 2024-02-29 08:31:31+00:00| seen| https://t.me/ctinow/196329 2024-02-29 08:31:38+00:00| seen| https://t.me/ctinow/196335...

CVE-2024-1978

The Friends plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.5 via the discoveravailablefeeds function. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary...

CVE-2024-1978 Friends <= 2.8.5 - Authenticated (Admin+) Blind Server-Side Request Forgery

The Friends plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.5 via the discoveravailablefeeds function. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary...

CVE-2024-1978

CVE-2024-1978 concerns the WordPress Friends plugin (versions

WordPress Friends Plugin <= 2.8.5 is vulnerable to Server Side Request Forgery (SSRF)

Software Friends Type Plugin Vulnerable versions = 2.8.5 Fixed in 2.8.6 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2024-1978 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID c75d983a4b44 Credits Francisco Gutierrez Required privilege...

CVE-2023-1978

creationtimestamp| type| source ---|---|--- 2023-06-09 12:21:42+00:00| seen| https://t.me/cibsecurity/65088...

CVE-2023-1978

CVE-2023-1978 describes a Reflected Cross-Site Scripting (XSS) in the WordPress plugin “ShiftController Employee Shift Scheduling” for versions

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1978)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: haproxy security update

An update for haproxy is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 9 : haproxy (RHSA-2023:1978)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1978 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy...