CVE-2026-2056

D-Link DIR-605L and DIR-619L routers are affected (versions 2.06B01 and 2.13B01). The issue resides in an unknown function of the file /wan_connection_status.asp within the DHCP Connection Status Handler. The manipulation leads to information disclosure and remote exploitation is possible; the ex...

EUVD-2026-2056

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

CVE-2019-2056

There is a possible disclosure of RAM using a shared crypto key due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-14087928...

EUVD-2019-2056

Malware in sbrugna...

EUVD-2008-2056

Malware in sbrugna...

TencentOS Server 3: libtiff (TSSA-2023:0009)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0009 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0057: libtiff (ALINUX3-SA-2024:0057)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0057 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-2056: Divide By Zero error in...

CVE-2025-2056

The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function. This makes it possible for unauthenticated attackers to read the contents of specific file types on the server, which ca...

CVE-2025-2056

creationtimestamp| type| source ---|---|--- 2025-03-14 04:53:23+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7521 2025-03-14 08:20:51+00:00| seen| https://t.me/cvedetector/20270...

CVE-2025-2056

CVE-2025-2056 affects the WP Ghost (Hide My WP Ghost) – Security & Firewall WordPress plugin. A path traversal flaw in showFile affects all versions up to and including 5.4.01, allowing unauthenticated attackers to read contents of certain server files containing sensitive information. The vulner...

CVE-2025-2056 WP Ghost <= 5.4.01 - Unauthenticated Limited File Read

The WP Ghost Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function. This makes it possible for unauthenticated attackers to read the contents of specific file types on the server, which ca...

Linux Distros Unpatched Vulnerability : CVE-2022-2056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from...

CVE-2025-20643

CVE-2025-20643 impacts devices using MediaTek chipsets with a DA module vulnerability. A missing bounds check can cause an out-of-bounds read, potentially enabling local information disclosure when an attacker has physical access and already holds System privileges. Exploitation requires user int...

CVE-2025-20643

In DA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID:...

openSUSE Security Advisory (SUSE-SU-2024:2056-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Artica Proxy 4.50 Loopback Service Disclosure

KL-001-2024-004: Artica Proxy Loopback Services Remotely Accessible Unauthenticated Title: Artica Proxy Loopback Services Remotely Accessible Unauthenticated Advisory ID: KL-001-2024-004 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-004.txt 1...

Artica Proxy 4.50 Loopback Service Disclosure Vulnerability

Services that are running and bound to the loopback interface on the Artica Proxy version 4.50 are accessible through the proxy service. In particular, the tailon service is running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Using the tailon service,...

CVE-2024-2056 Artica Proxy Loopback Services Remotely Accessible Unauthenticated

Services that are running and bound to the loopback interface on the Artica Proxy are accessible through the proxy service. In particular, the "tailon" service is running, running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Security issues associated...

CVE-2024-2056

CVE-2024-2056 — Artica Proxy Tailon exposure : Connected sources confirm that Artica Proxy runs a tailon service bound to the loopback interface and listening on TCP 7050. The tailon instance is running as root and is accessible via the proxy service, allowing an attacker to view files on the Art...

Artica Proxy Loopback Services Remotely Accessible Unauthenticated

Vulnerability Details Affected Vendor: Artica Affected Product: Artica Proxy Affected Version: 4.50 Platform: Debian 10 LTS CWE Classification: CWE-288: Authentication Bypass Using an Alternate Path or Channel, CWE-552: Files or Directories Accessible to External Parties CVE ID: CVE-2024-2056 2...