CVE-2026-2076 yeqifu warehouse User Management Endpoint UserController.java deleteUser improper authorization

A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this vulnerability is the function addUser/updateUser/deleteUser of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\UserController.java of the component User...

EUVD-2026-2076

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 through 6.7.10 may allow an attacker to execute...

EUVD-2013-2076

Malware in sbrugna...

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2025-2076)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-2076

A vulnerability classified as problematic was found in Campcodes Online Traffic Offense Management System 1.0. This vulnerability affects unknown code of the file /classes/Users.phpp. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The...

CVE-2002-2076

Directory traversal vulnerability in Lil' HTTP server 2.1 and 2.2 allows remote attackers to read arbitrary files via a .. dot dot in an HTTP GET request...

CVE-2009-2076

Cross-site scripting XSS vulnerability in Views 6.x before 6.x-2.6, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via 1 exposed filters in the Views UI administrative interface and in the 2 view name parameter in the define custom views feature. NOT...

CVE-2005-2076

HP Version Control Repository Manager VCRM before 2.1.1.730 does not properly handle the "@" character in a proxy password, which could allow attackers with physical access to obtain portions of the password when it is displayed to the screen...

CVE-2025-2076 binlayerpress <= 1.1 - Authenticated (Admin+) Stored Cross-Site Scripting

The binlayerpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

CVE-2025-2076 binlayerpress <= 1.1 - Authenticated (Admin+) Stored Cross-Site Scripting

The binlayerpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gdk-pixbuf (SUSE-SU-2024:2076-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2076-1 advisory. gdk-pixbuf was updated to version 2.42.12: - Security issues fixed: CVE-2022-48622: Fixed vulnerability...

CVE-2024-2076

creationtimestamp| type| source ---|---|--- 2024-03-01 20:27:16+00:00| seen| https://t.me/ctinow/197964 2024-03-01 20:31:22+00:00| seen| https://t.me/ctinow/197970...

CVE-2010-2076

creationtimestamp| type| source ---|---|--- 2024-02-15 23:16:18+00:00| seen| https://t.me/ctinow/185962...

Rocky Linux 8 : libwebp (RLSA-2023:2076)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:2076 advisory. - A double-free in libwebp could have led to memory corruption and a potentially exploitable crash. CVE-2023-1999 Note that Nessus has not tested for this issue...

Oracle Linux 8 : libwebp (ELSA-2023-2076)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-2076 advisory. 1.0.0-8 - Added fix for mzbz1819244 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

RHEL 8 : libwebp (RHSA-2023:2076)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:2076 advisory. The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photograph...

CVE-2023-2076

creationtimestamp| type| source ---|---|--- 2023-04-15 00:26:06+00:00| seen| https://t.me/cibsecurity/62184...

CVE-2023-2076

CVE-2023-2076 affects Campcodes Online Traffic Offense Management System 1.0. The vulnerability lies in the /classes/Users.php(p) file where unsanitized manipulation of the id argument enables a cross-site scripting (XSS) condition. It can be exploited remotely and is publicly disclosed. Affected...

CVE-2023-2076 Campcodes Online Traffic Offense Management System Users.phpp cross site scripting

A vulnerability classified as problematic was found in Campcodes Online Traffic Offense Management System 1.0. This vulnerability affects unknown code of the file /classes/Users.phpp. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The...

SUSE CVE-2013-2076

Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which can be leveraged t...