CVE-2026-8148

NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks...

CVE-2026-8148

NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks...

MiracleLinux 9 : git-lfs-3.4.1-2.el9_4 (AXSA:2024-8148:03)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8148:03 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 golang: net/http/cookiejar: incorrect forwarding of...

CVE-2025-8148

creationtimestamp| type| source ---|---|--- 2025-12-05 21:33:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7bgt7nram2x...

Linux Distros Unpatched Vulnerability : CVE-2014-8148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The default D-Bus access control rule in Midgard2 10.05.7.1 allows local users to send arbitrary method calls or signals to any process on the system bus and...

MAL-2025-8148 Malicious code in @kollusietea/culpa-officiis-nulla (npm)

The package @kollusietea/culpa-officiis-nulla was found to contain malicious code...

CVE-2020-8148

UniFi Cloud Key firmware 1.1.6 contains a vulnerability that enables an attacker being able to change a device hostname by sending a malicious API request. This affects Cloud Key gen2 and Cloud Key gen2 Plus...

CVE-2019-8148

A stored cross-site scripting XSS vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can inject arbitrary JavaScript code when creating a content page via page builder...

CVE-2024-8148

creationtimestamp| type| source ---|---|--- 2024-10-04 21:03:05+00:00| seen| https://t.me/cvedetector/6996...

CVE-2024-8148 BUG-000168624 - Unvalidated redirect in Portal for ArcGIS. (11.2, 11.1, 10.9.1. and 10.8.1)

There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.2 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks...

CVE-2024-8148

CVE-2024-8148 describes an unvalidated redirect vulnerability in Esri Portal for ArcGIS, affecting versions 11.2 and below. The root cause relates to improper handling of target URLs, allowing a remote, unauthenticated attacker to craft a link that redirects a victim to an arbitrary website, pote...

CVE-2024-8148 BUG-000168624 - Unvalidated redirect in Portal for ArcGIS. (11.2, 11.1, 10.9.1. and 10.8.1)

There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.2 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks...

CVE-2019-8148

creationtimestamp| type| source ---|---|--- 2024-02-04 15:21:15+00:00| seen| https://t.me/ctinow/178851...

CVE-2016-8148

CVE-2016-8148 is rejected/not used and does not represent an active vulnerability entry.

CVE-2016-8148

...

CVE-2020-8148

CVE-2020-8148 affects Ubiquiti UniFi Cloud Key Gen2 and Gen2 Plus prior to firmware version 1.1.6. The issue is described as an authorization/unauthorized API request vulnerability that enables an attacker to change a device hostname by sending a crafted API request. Impact is limited to hostname...

CVE-2019-8148

A stored cross-site scripting XSS vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can inject arbitrary JavaScript code when creating a content page via page builder...

CVE-2019-8148

CVE-2019-8148 affects Magento 2.3 up to versions prior to 2.3.3 or 2.3.2-p1. The vulnerability is a stored cross-site scripting (XSS) flaw where an authenticated admin user can inject arbitrary JavaScript code when creating a content page via the page builder. This could result in script executio...

CVE-2018-8148

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8147, CVE-2018-8162...

CVE-2018-8148

CVE-2018-8148 is a remote code execution vulnerability in Microsoft Excel (Office) arising from improper handling of in-memory objects. The issue affects Microsoft Office/Excel and is part of a set including CVE-2018-8147 and CVE-2018-8162; the connected MAC/Office 2018 May 2018 update entry refe...