3467 matches found
CVE-2001-1538
SpeedXess HA-120 DSL router has a default administrative password of "speedxess", which allows remote attackers to gain access...
Amazon Linux 2 : python38-pip (ALASPYTHON3.8-2025-018)
The version of python38-pip installed on the remote host is prior to 21.0.1-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2PYTHON3.8-2025-018 advisory. Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows...
Medium: python
Issue Overview: Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. CVE-2007-4559...
Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2025-924)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-924 advisory. Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence...
Linux Distros Unpatched Vulnerability : CVE-2013-2001
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length...
CVE-2001-1267
creationtimestamp| type| source ---|---|--- 2025-01-17 14:56:40+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2130...
CVE-2001-1533
creationtimestamp| type| source ---|---|--- 2025-01-16 19:56:04+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2021...
CVE-2001-1546
creationtimestamp| type| source ---|---|--- 2025-01-16 19:56:02+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2019...
CVE-2001-0150
creationtimestamp| type| source ---|---|--- 2025-01-16 16:55:33+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1974...
CVE-2001-0667
creationtimestamp| type| source ---|---|--- 2025-01-16 16:55:33+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1974...
PT-2025-4391
Name of the Vulnerable Software and Affected Versions Landray EIS versions 2001 through 2006 Description The issue allows SQL injection in the "Message/fi message receiver.aspx?replyid=" endpoint. This enables unauthorized data access. Recommendations For versions 2001 through 2006, consider...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details...
RHEL 5 : libxxf86vm (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libXxf86vm: Multiple Array Index error leading to heap-based OOB write CVE-2013-2001 Note that Nessus has not teste...
CVE-2024-2001
creationtimestamp| type| source ---|---|--- 2024-02-29 15:21:42+00:00| seen| https://t.me/ctinow/196721 2024-02-29 15:27:02+00:00| seen| https://t.me/ctinow/196727...
CVE-2024-2001
A Cross-Site Scripting vulnerability in Cockpit CMS affecting version 2.7.0. This vulnerability could allow an authenticated user to upload an infected PDF file and store a malicious JavaScript payload to be executed when the file is uploaded...
CVE-2024-2001 Cross-Site Scripting vulnerability in Cockpit CMS
A Cross-Site Scripting vulnerability in Cockpit CMS affecting version 2.7.0. This vulnerability could allow an authenticated user to upload an infected PDF file and store a malicious JavaScript payload to be executed when the file is uploaded...
CVE-2024-2001
Cockpit CMS CVE-2024-2001 is a documented XSS in Cockpit CMS 2.7.0 where an authenticated user can upload a PDF containing a malicious JavaScript payload, stored and executed on upload. The issue affects the file upload handling and input validation as described in multiple sources (NVD entry, GH...
RICOH MP 2001 Cross-site Scripting (CVE-2018-17002)
On the RICOH MP 2001 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. This plugin only works with Tenable.ot. Please visit...
CVE-2001-0830
creationtimestamp| type| source ---|---|--- 2024-02-09 08:16:44+00:00| seen| https://t.me/ctinow/181848...
Malicious code in wlwz-2312-2001 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb822772f120d198707d10cbe559f4ca9b619834a479d71bd933c1fd19e71abc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...