Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM

What is CVE-2026-41940? CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr Labs, exists in the login flow and allows unauthenticated remote attackers to gain unauthorized access to...

Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

cPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to obtain access to the control panel software. The problem affects all currently supported versions of cPanel and WebHost Manager WHM, according to an alert...

CVE-2026-2083

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file /deletepost.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to th...

EUVD-2026-2083

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the mac2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2019-2083

In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117495362...

CVE-2024-2083

A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The...

EUVD-2007-5025

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2013-2083

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The MoodleQuickForm class in lib/formslib.php in Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly handle...

CVE-2012-2083

Cross-site scripting XSS vulnerability in the fusioncorepreprocesspage function in fusioncore/template.php in the Fusion module before 6.x-1.13 for Drupal allows remote attackers to inject arbitrary web script or HTML via the q parameter...

CVE-2009-2083

Cross-site scripting XSS vulnerability in the term data detail page in Taxonomy manager 5.x before 5.x-1.2, a module for Drupal, allows remote authenticated users, with administer taxonomy privileges or the ability to use free tagging to add taxonomy terms, to inject arbitrary web script or HTML...

CVE-2025-2083

CVE-2025-2083 (Logo Carousel Gutenberg Block, WordPress) : The WordPress plugin Logo Carousel Gutenberg Block (versions

CVE-2025-2083 Logo Carousel Gutenberg Block <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via sliderId Parameter

The Logo Carousel Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘sliderId’ parameter in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2025-2083 Logo Carousel Gutenberg Block <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via sliderId Parameter

The Logo Carousel Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘sliderId’ parameter in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress Logo Carousel Gutenberg Block plugin <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via sliderId Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via sliderId Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Logo Carousel Gutenberg Block versions = 2.1.6...

openSUSE Security Advisory (SUSE-SU-2024:2083-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-2083

A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The...

CVE-2024-2083 Directory Traversal in zenml-io/zenml

A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The...

CVE-2024-2083 Directory Traversal in zenml-io/zenml

A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The...

CVE-2023-2083

The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the save function in versions up to, and including, 4.0.6. This makes it possible for subscriber-level attackers to save plugin settings. While a nonce check is presen...

CVE-2023-2083

CVE-2023-2083 affects the WordPress plugin “Essential Blocks” (versions up to 4.0.6). The root cause is a missing capability check on the save function, with a nonce check that only runs when a nonce is provided; without a nonce, nonce verification is skipped and no capability check occurs. This ...