CVE-2026-30974

creationtimestamp| type| source ---|---|--- 2026-03-10 18:10:05+00:00| seen| https://gist.github.com/alon710/9a8802d53b5fb158c5f6cb0e8400fffd...

CVE-2026-30974

The copyparty advisory GHSA-M6HV-X64C-27MM describes a vulnerability where the nohtml volflag failed to block JavaScript in SVG files. Although not a vulnerability by itself, this allowed a user with write access to upload an SVG containing embedded JavaScript that could execute when opened, pote...

CVE-2026-30974

Copyparty is a portable file server. Prior to v1.20.11., the nohtml config option, intended to prevent execution of JavaScript in user-uploaded HTML files, did not apply to SVG images. A user with write-permission could upload an SVG containing embedded JavaScript, which would execute in the...

Ubuntu: Security Advisory (USN-7575-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-30974

Missing Authorization vulnerability in Akhtarujjaman Shuvo Post Grid Master ajax-filter-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid Master: from n/a through = 3.4.17...

CVE-2025-30974

Missing Authorization vulnerability in Akhtarujjaman Shuvo Post Grid Master ajax-filter-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid Master: from n/a through = 3.4.17...

CVE-2025-30974

CVE-2025-30974 is a Missing Authorization vulnerability in the WordPress plugin Post Grid Master . The issue arises from incorrectly configured access control levels, enabling unauthorized users to exploit restricted actions. Affected versions are Post Grid Master

CVE-2025-30974 WordPress Post Grid Master plugin <= 3.4.17 - Broken Access Control vulnerability

Missing Authorization vulnerability in Akhtarujjaman Shuvo Post Grid Master ajax-filter-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid Master: from n/a through = 3.4.17...

WordPress Post Grid Master plugin <= 3.4.17 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Post Grid Master versions = 3.4.17...

Fedora 37 : mujs (2022-c4b56e4400)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-c4b56e4400 advisory. - Fix CVE-2022-44789 rhbz2148261 - Fix CVE-2022-30975 rhbz2088596 - Fix CVE-2022-30974 rhbz2088591 Tenable has extracted the preceding description...

Fedora 38 : mujs (2022-142872d895)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-142872d895 advisory. Automatic update for mujs-1.3.2-1.fc38. Changelog Thu Dec 1 2022 Alain Vigne 1.3.2-1 - upstream release 1.3.2 - Fix CVE-2022-44789 rhbz2148261 - Fix...

GLSA-202405-06 : mujs: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202405-06 mujs: Multiple Vulnerabilities - Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements. CVE-2021-45005 - compile in regexp.c in...

CVE-2024-30974

SQL Injection vulnerability in autoexpress v.1.3.0 allows attackers to run arbitrary SQL commands via the carId parameter...

CVE-2024-30974

Summary: CVE-2024-30974 affects autoexpress v1.3.0 and is described as a SQL Injection via the carId parameter, enabling attackers to execute arbitrary SQL commands. The primary sources (NVD/Red Hat/CVE listings) consistently state this vulnerability originates from unsafely handling the carId in...

CVE-2024-30974

SQL Injection vulnerability in autoexpress v.1.3.0 allows attackers to run arbitrary SQL commands via the carId parameter...

SUSE CVE-2022-30974

compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413...

Fedora: Security Advisory for mujs (FEDORA-2022-c4b56e4400)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] [DSA 5291-1] mujs security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5291-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 28, 2022 https://www.debian.org/security/faq -...

Debian DSA-5291-1 : mujs - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5291 advisory. Multiple security issues were discovered in MuJS, a lightweight JavaScript interpreter, which could result in denial of service and potentially the execution of...

CVE-2022-30974

creationtimestamp| type| source ---|---|--- 2022-05-18 14:28:28+00:00| seen| https://t.me/cibsecurity/42887...