35 matches found
MiracleLinux 9 : pcp-6.2.0-2.el9 (AXSA:2024-8062:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8062:02 advisory. pcp: exposure of the redis server backend allows remote command execution via pmproxy (CVE-2024-3019). Tenable has extracted the preceding description...
CVE-2025-8062
The WS Theme Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wsweather shortcode in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress WS Theme Addons plugin <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via ws_weather Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via wsweather Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin WS Theme Addons versions <= 2.0.0...
MAL-2025-8062 Malicious code in @hishprorg/veniam-soluta (npm)
The package @hishprorg/veniam-soluta was found to contain malicious code...
CVE-2019-8062
Adobe After Effects versions 16 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2019-8062
creationtimestamp | type | source
---|---|---
2025-05-05 19:20:34+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/14972...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.10), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.10) +49 more potentially affected by CVE-2024-8062 via ai.h2o:h2o-core (>=0.1.10 <=3.8.3.4)
ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.8.2.4, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.10 and more Source cves: CVE-2024-8062 Source advisory: SNYK:JAVA-AIH2O-9486738...
fluoriclogppka (>=0.1.0 <=0.2.7), h2o-wave-ml (>=0.3.0 <=0.5.0) +1 more potentially affected by CVE-2024-8062 via h2o (>=3.32.0.2 <=3.44.0.3)
h2o PYPI version =3.32.0.2, =0.1.0, =0.3.0, =0.4.5, =0.4.15a1 Source cves: CVE-2024-8062 Source advisory: OSV:GHSA-5C8J-G96X-CJ78...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.44.0.3), ai.h2o:h2o-algos (>=3.2.0.1 <=3.44.0.3) +34 more potentially affected by CVE-2024-8062 via ai.h2o:h2o-core (>=3.2.0.1 <=3.44.0.3)
ai.h2o:h2o-core MAVEN version =3.2.0.1, =3.34.0.1, =3.2.0.1, =3.2.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.1.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.34.0.3, =3.30.0.1, =3.44.0.3 and more Source cves: CVE-2024-8062 Source advisory: OSV:GHSA-5C8J-G96X-CJ78...
CVE-2024-8062
A vulnerability in the typeahead endpoint of h2oai/h2o-3 version 3.46.0 allows for a denial of service. The endpoint performs a HEAD request to verify the existence of a specified resource without setting a timeout. An attacker can exploit this by sending multiple requests to an attacker-controll...
CVE-2024-8062 Denial of Service in h2oai/h2o-3
A vulnerability in the typeahead endpoint of h2oai/h2o-3 version 3.46.0 allows for a denial of service. The endpoint performs a HEAD request to verify the existence of a specified resource without setting a timeout. An attacker can exploit this by sending multiple requests to an attacker-controll...
Adobe After Effects < 16.1.2 (APSB19-31)
The version of Adobe After Effects installed on the remote Windows host is prior to 16.1.2. It is, therefore, affected by a vulnerability as referenced in the APSB19-31 advisory. - Adobe After Effects versions 16 and earlier have an insecure library loading dll hijacking vulnerability. Successful...
Oracle Linux 9 : unbound (ELSA-2022-8062)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8062 advisory. 1.16.2-2 - Require openssl tool for unbound-keygen 2116802 1.16.2-1 - Update to 1.16.2 2087120 1.16.0-3 - Disable ED25519 and ED448 in FIPS mode 207954...
RHEL 9 : unbound (RHSA-2022:8062)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8062 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. The following packages have been upgraded to a lat...
CVE-2018-8062
creationtimestamp | type | source
---|---|---
2020-10-23 12:53:15+00:00 | seen | https://t.me/cibsecurity/15546
2024-11-14 06:07:15+00:00 | seen | MISP/e2c31f6f-b27d-4761-a0bd-be3c6b7dfa00...
CVE-2018-8062
CVE-2018-8062 affects the Comtrend AR-5387un router family (firmware A731-410JAZ-C04_R02.A2pD035g.d23i). The vulnerability is an XSS flaw in the WAN Service Description parameter during WAN service creation, enabling injection of arbitrary script/HTML. Public sources describe a persistent XSS var...
Comtrend AR-5387un router - Persistent XSS (Authenticated)
#!/usr/bin/env python3 # -*- coding: utf-8 -*- """ Exploit Title: Persistent XSS on Comtrend AR-5387un router Date: 19/10/2020 Exploit Author: OscarAkaElvis Vendor Homepage: https://www.comtrend.com/ Version: Comtrend AR-5387un router Tested on: Software/Firmware version A731-410JAZ-C04R02.A2pD035g.d2...
CVE-2019-8062
CVE-2019-8062 affects Adobe After Effects versions 16 and earlier. The issue is insecure library loading (DLL hijacking), which could allow arbitrary code execution upon successful exploitation. Remediation from connected details points to updating to a newer version (e.g., 16.1.2 or later, per A...