CVE-2026-1902

creationtimestamp| type| source ---|---|--- 2026-03-07 03:18:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgguj34uut2v...

Oracle Linux 10 : python-wheel (ELSA-2026-1902)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1902 advisory. 1:0.41.2-5.1 - Security fix for CVE-2026-24049 Resolves: RHEL-143630 Tenable has extracted the preceding description block directly from the Oracle Linux...

AlmaLinux 10 : python-wheel (ALSA-2026:1902)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:1902 advisory. wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking CVE-2026-24049 Tenable has extracted the preceding description...

RHEL 10 : python-wheel (RHSA-2026:1902)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1902 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

EUVD-2026-1902

A vulnerability has been found in jiujiujia/victor123/wxw850227 jjjfood and jjjshopfood up to 20260103. This vulnerability affects unknown code of the file /index.php/api/product.category/index. Such manipulation of the argument latitude leads to sql injection. The attack can be launched remotely...

RHSA-2024:1902

creationtimestamp| type| source ---|---|--- 2025-10-01 09:00:19+00:00| seen| Telegram/HOI9RhqBej92SEDYPeYOufaX9SS-ALTRn7qub0MNpF0T4 2025-10-01 09:00:21+00:00| seen| Telegram/T18PCyJX5gS6gcDXW3dVGKsiGFXlCyqv6FilSSHPuh1hqZ4 2025-10-01 09:00:22+00:00| seen|...

CVE-2011-1902

Directory traversal vulnerability in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to read arbitrary files via unspecified vectors...

CVE-2025-1902

creationtimestamp| type| source ---|---|--- 2025-03-04 04:34:18+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6316 2025-03-04 06:01:30+00:00| published-proof-of-concept| Telegram/macVH0v7i2nzlHDG3843dn9M-u-r9AI0mgz7c0Lv52YB4Bs 2025-08-19 13:26:46+00:00| seen|...

CVE-2025-1902 PHPGurukul Student Record System password-recovery.php sql injection

A vulnerability was found in PHPGurukul Student Record System 3.2. It has been declared as critical. This vulnerability affects unknown code of the file /password-recovery.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-1902 PHPGurukul Student Record System password-recovery.php sql injection

A vulnerability was found in PHPGurukul Student Record System 3.2. It has been declared as critical. This vulnerability affects unknown code of the file /password-recovery.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has...

Oracle Linux 8 : shim (ELSA-2024-1902)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1902 advisory. 15.8-4.0.1 - Add support for Oracle signed shim Orabug: 36540084 - Add shim binaries signed with Oracle Secure Boot Signing key 1 Orabug: 36540084...

RHEL 8 : shim (RHSA-2024:1902)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1902 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...

CVE-2024-1902

creationtimestamp| type| source ---|---|--- 2024-04-12 07:57:23+00:00| seen| https://t.me/arpsyndicate/4558...

Malicious code in wlwz-2312-1902 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74c44976276b6a81564e2f0192ec068a9e1f855cdf778ec96739abcf75a5f678 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-343 Malicious code in wlwz-2312-1902 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74c44976276b6a81564e2f0192ec068a9e1f855cdf778ec96739abcf75a5f678 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Amazon Linux AMI : vim (ALAS-2024-1902)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1902 advisory. Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be...

CVE-2023-1902

creationtimestamp| type| source ---|---|--- 2023-07-10 20:30:05+00:00| seen| https://t.me/cibsecurity/66278...

CVE-2023-1902 HCI Connection Creation Dangling State Reference Re-use

The bluetooth HCI host layer logic not clearing a global reference to a state pointer after handling connection events may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash DoS or potential RCE on the Host layer...

CVE-2023-1902 HCI Connection Creation Dangling State Reference Re-use

The bluetooth HCI host layer logic not clearing a global reference to a state pointer after handling connection events may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash DoS or potential RCE on the Host layer...

CVE-2023-1902

CVE-2023-1902 concerns Zephyr RTOS: the Bluetooth HCI host layer does not clear a global reference to a state pointer after processing connection events. This can let a malicious HCI Controller reuse a dangling reference in the host layer, causing a crash (DoS) or potential remote code execution....