153 matches found
CVE-2026-2417
| creationtimestamp | type | source |
|---|---|---|
| 2026-03-24 11:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-26-083-01... |
MiracleLinux 3 : curl-7.15.5-2.1AXS3.5 (AXSA:2009-376:02)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-376:02 advisory. cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict servers, using any of the supported protocols. cURL is designed to work without user...
CVE-2024-2417
The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the form_save_action function in all versions up to, and including, 3.1.5. This makes it possible for...
RockyLinux 9 : php:8.1 (RLSA-2023:2417)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2417 advisory. XKCP: buffer overflow in the SHA-3 reference implementation CVE-2022-37454 php: standard insecure cookie could be treated as a '__Host-' or '__Secure-' cooki...
Linux Distros Unpatched Vulnerability : CVE-2012-2417
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key...
WordPress User Registration Plugin <= 3.1.5 is vulnerable to Broken Access Control
Software: User Registration; Type: Plugin; Vulnerable versions: <= 3.1.5; Fixed in: 3.2.0; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-2417; Patch priority: High; CVSS severity: High (8.8); Developer: Masteriyo; PSID: f4d185ab446a; Credits: Stiofan; Required privilege...
Amazon Linux 2 : thunderbird (ALAS-2024-2417)
The version of thunderbird installed on the remote host is prior to 115.6.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2417 advisory. A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function...
Oracle Linux 9 : 8.1 (ELSA-2023-2417)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2417 advisory. php-pecl-apcu 5.1.21-1 - update to 5.1.21 for PHP 8.1 2070040 php-pecl-rrd 2.0.3-4 - build for PHP 8.1 2070040 php-pecl-xdebug3 3.1.4-1 - update to 3.1...
RHEL 9 : php:8.1 (RHSA-2023:2417)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2417 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later...
CVE-2023-2417
A vulnerability was found in ks-soft Advanced Host Monitor up to 12.56 and classified as problematic. Affected by this issue is some unknown functionality of the file C:\Program Files (x86)\HostMonitor\RMA-Win\rma_active.exe. The manipulation leads to unquoted search path. It is possible to launch t...
CVE-2023-2417 ks-soft Advanced Host Monitor rma_active.exe unquoted search path
A vulnerability was found in ks-soft Advanced Host Monitor up to 12.56 and classified as problematic. Affected by this issue is some unknown functionality of the file C:\Program Files (x86)\HostMonitor\RMA-Win\rma_active.exe. The manipulation leads to unquoted search path. It is possible to launch t...
CVE-2023-2417
CVE-2023-2417 affects ks-soft Advanced Host Monitor (up to v12.56). The issue is an unquoted search path in the service executable C:\Program Files (x86)\HostMonitor\RMA-Win\rma_active.exe, enabling a local attacker to trigger arbitrary execution. The advisory notes upgrading to v12.60 to mitigat...
SUSE CVE-2006-2417
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...
SUSE CVE-2020-21832
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417...
Ubuntu: Security Advisory (USN-2417-1)
The remote host is missing an update for the...
GitLab 12.10.x - 15.0.4, 15.1.x - 15.1.3, 15.2 Improper Input Validation Vulnerability
GitLab is prone to an improper input validation vulnerability. CPE = "cpe:/a:gitlab:gitlab"; if...
CVE-2022-2417
Insufficient validation in GitLab CE/EE affecting all versions from 12.10 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an authenticated and authorised user to import a project that includes branch names which are 40 hexadecimal characters, which could be abused in supply...
CVE-2022-2417
GitLab CVE-2022-2417 affects GitLab CE/EE; root cause is insufficient validation during project import, enabling an authenticated user to import a project with branch names that are 40 hexadecimal characters, which could enable supply-chain attacks by pinning to a specific commit. Affected versio...
CVE-2022-2417
Insufficient validation in GitLab CE/EE affecting all versions from 12.10 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an authenticated and authorised user to import a project that includes branch names which are 40 hexadecimal characters, which could be abused in supply...
GitLab 12.10 < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 (CVE-2022-2417)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Insufficient validation in GitLab CE/EE affecting all versions from 12.10 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an authenticated and authorised user to import a projec...