21 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-20150
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WordPress before 4.9.9 and 5.x before 5.0.1, crafted URLs could trigger XSS for certain use cases involving plugins. CVE-2018-20150 Note that Nessus relies o...
CVE-2024-20150
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018...
CVE-2021-20150
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. Authentication can be bypassed and a user may view information as Admin by manually browsing to the setup wizard and forcing it to redirect to the desired page...
CVE-2019-20150
In TreasuryXpress 19191105, a logged-in user can discover saved credentials, even though the UI hides them. Using functionality within the application and a malicious host, it is possible to force the application to expose saved SSH/SFTP credentials. This can be done by using the application's...
CVE-2025-20150
creationtimestamp | type | source
---|---|---
2025-04-16 20:14:38+00:00 | seen | https://t.me/cvedetector/23145...
CVE-2024-20150
creationtimestamp | type | source
---|---|---
2025-01-06 04:02:56+00:00 | seen | https://infosec.exchange/users/cve/statuses/113779420395290764
2025-01-06 04:15:43+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lf2bkvp6p22a
2025-01-06 04:42:49+00:00 | seen |...
CVE-2024-20150
CVE-2024-20150 affects the Modem component in MediaTek chipsets. A logic error in the Modem can cause a system crash, enabling remote denial of service without privileges and without user interaction. The CVSS v3.1 base score is 7.5 (Network, Privileges Required: None, User Interaction: None, Ava...
CVE-2021-20150
creationtimestamp | type | source
---|---|---
2023-04-27 09:58:59+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-20150.yaml...
CVE-2023-20150
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers are affected by multiple cross-site scripting (XSS) vulnerabilities in the web-based management interface due to insufficient input validation. The issues are exploitable by sending crafted HTTP requests and convincing a u...
CVE-2017-20150
The CVE-2017-20150 entry describes a SQL injection vulnerability in the Challenge website. The issue is triggered by manipulating input in unknown processing, with a high impact on confidentiality, integrity, and availability. The initial description references a patch named f1644b1d3502e5aa5284f...
showdoc has unspecified vulnerabilities (CNVD-2022-20150)
showdoc is open source and a great tool for IT teams to share documents online. showdoc has a security vulnerability and no details of the vulnerability are currently available...
CVE-2021-20150
Affected product: Trendnet AC2600 TEW-827DRU (firmware 2.08B01). Vulnerability: Improperly discloses information via redirection from the setup wizard, enabling an unauthenticated user to bypass authentication and view Admin-level information by forcing the wizard to redirect to a targeted page. Th...
CVE-2019-20150
CVE-2019-20150 affects TreasuryXpress 19191105. A logged-in user can reveal saved SSH/SFTP credentials by manipulating the app’s editor to point the SFTP Host IP at a malicious host and then invoking Check Connectivity, causing the application to send saved credentials to the attacker-controlled ...
[SECURITY] [DSA 4401-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4401-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 01, 2019 https://www.debian.org/security/faq -...
Debian DLA-1673-1 : wordpress security update
CVE-2018-20147 Authors could modify metadata to bypass intended restrictions on deleting files.
CVE-2018-20148 Contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the...
[SECURITY] [DLA 1673-1] wordpress security update
Package : wordpress
Version : 4.1.25+dfsg-1+deb8u1
CVE ID : CVE-2018-20147 CVE-2018-20148 CVE-2018-20149 CVE-2018-20150 CVE-2018-20151 CVE-2018-20152 CVE-2018-20153
Debian Bug : 916403
CVE-2018-20147 Authors could modify metadata to bypass intended restrictions on deleting files.
CVE-2018-20148...
WordPress Multiple Vulnerabilities (Dec 2018) - Windows
WordPress is prone to multiple vulnerabilities. Copyright (C) 2018 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...