CVE-2026-1986

creationtimestamp| type| source ---|---|--- 2026-03-26 05:57:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhwwau2siz27...

EUVD-2026-1986

Malicious code in @workleap-ai/shared npm...

CVE-2002-1986

Perception LiteServe 2.0 through 2.0.1 allows remote attackers to obtain the source code of CGI scripts via an HTTP request with a trailing dot "."...

CVE-2025-1986

creationtimestamp| type| source ---|---|--- 2025-04-01 06:31:48+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9841...

CVE-2025-1986

CVE-2025-1986 affects the Gutentor WordPress plugin. The vulnerability arises from not sanitizing/escaping a parameter before using it in a SQL statement, enabling admins to perform SQL injection. Affected software: Gutentor versions prior to 3.4.7. Impact is described as an SQL injection with ad...

Linux Distros Unpatched Vulnerability : CVE-2013-1986

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors...

SUSE: Security Advisory (SUSE-SU-2024:1986-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-1986

creationtimestamp| type| source ---|---|--- 2024-03-07 22:26:59+00:00| seen| https://t.me/ctinow/202837 2025-04-16 15:55:57+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12076...

WordPress Booster Elite for WooCommerce Plugin <= 7.1.7 is vulnerable to Arbitrary File Upload

Software Booster Elite for WooCommerce Type Plugin Vulnerable versions = 7.1.7 Fixed in 7.1.8 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-1986 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 3f5da7669b23 Credits Christiaan Swiers YouGina...

CVE-2023-1986

creationtimestamp| type| source ---|---|--- 2023-04-11 22:28:42+00:00| seen| https://t.me/cibsecurity/61913...

CVE-2023-1986 SourceCodester Online Computer and Laptop Store delete_order sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. Affected is the function deleteorder of the file /classes/master.php?f=deleteorder. The manipulation of the argument id leads to sql injection. It is possible to launch the attack...

CVE-2023-1986

The CVE-2023-1986 entry documents an SQL injection affecting SourceCodester Online Computer and Laptop Store 1.0, specifically in the function delete_order in /classes/master.php?f=delete_order. The vulnerability arises from lack of validation/sanitization of the id parameter, enabling remote exp...

SUSE CVE-2012-1986

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and certain permissions on the puppet master to read arbitrary files via a symlink attack in conjunction...

Gogs < 0.12.9 Multiple Vulnerabilities

Gogs is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribu...

CVE-2022-1986

creationtimestamp| type| source ---|---|--- 2022-06-09 20:33:42+00:00| seen| https://t.me/cibsecurity/44128...

CVE-2022-1986

OS Command Injection in GitHub repository gogs/gogs prior to 0.12.9...

CVE-2022-1986

OS Command Injection in GitHub repository gogs/gogs prior to 0.12.9...

CVE-2022-1986

CVE-2022-1986 concerns the Go-Gogs Git service (gogs/gogs) prior to 0.12.9. Multiple sources report an OS command injection vulnerability in the file editor component of Gogs, enabling an attacker to inject and execute commands through the editor facility. The issue is described across multiple f...

Oracle Linux 8 : python3 (ELSA-2022-1986)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1986 advisory. - Security fix for CVE-2021-4189: ftplib should not use the host from the PASV response Resolves: rhbz2036020 Tenable has extracted the preceding...

Puppet Denial of Service and Arbitrary File Write

A vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys to 1 cause a denial of service memory consumption via a REST request to a stream that triggers...