CVE-2026-2085

A security vulnerability has been detected in D-Link DWR-M921 1.1.50. Affected is the function sub419F20 of the file /boafrm/formUSSDSetup of the component USSD Configuration Endpoint. The manipulation of the argument ussdValue leads to command injection. The attack can be initiated remotely. The...

EUVD-2026-2085

Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox 147, Firefox ESR 115.32, and Firefox ESR 140.7...

ECHO-2085-B29E-395F

Bulletin has no description...

CVE-2024-2085

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'size' value in several widgets all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2019-2085

In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117496180...

CVE-2010-2085

The default configuration of ASP.NET in Microsoft .NET before 1.1 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting XSS attacks via the VIEWSTATE parameter...

CVE-2002-2085

Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 beta and earlier allows remote attackers to read arbitrary files via a .. dot dot in an HTTP request...

CVE-2025-2085

creationtimestamp| type| source ---|---|--- 2025-03-07 12:34:29+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6831 2025-03-07 14:56:56+00:00| seen| https://t.me/cvedetector/19821 2025-03-07 16:10:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljsfhmjfq...

CVE-2025-2085

A vulnerability classified as problematic has been found in StarSea99 starsea-mall 1.0. This affects an unknown part of the file /admin/carousels/save. The manipulation of the argument redirectUrl leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-2085 StarSea99 starsea-mall save cross site scripting

A vulnerability classified as problematic has been found in StarSea99 starsea-mall 1.0. This affects an unknown part of the file /admin/carousels/save. The manipulation of the argument redirectUrl leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-2085 StarSea99 starsea-mall save cross site scripting

A vulnerability classified as problematic has been found in StarSea99 starsea-mall 1.0. This affects an unknown part of the file /admin/carousels/save. The manipulation of the argument redirectUrl leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

Linux Distros Unpatched Vulnerability : CVE-2016-2085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The evmverifyhmac function in security/integrity/evm/evmmain.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users...

RHEL 7 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kernel: out of bounds read in drivers/media/usb/dvb-usb/technisat-usb2.c CVE-2019-15505 - kernel: lack of...

CVE-2024-2085

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'size' value in several widgets all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-2085 HT Mega – Absolute Addons For Elementor <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'size'

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'size' value in several widgets all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

RHEL 9 : libreswan (RHSA-2024:2085)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2085 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...

WordPress HT Mega Plugin <= 2.4.6 is vulnerable to Cross Site Scripting (XSS)

Software HT Mega Type Plugin Vulnerable versions = 2.4.6 Fixed in 2.4.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2085 Patch priority Low CVSS severity Low 6.5 Developer HTMega PSID ff91a9cf39da Credits wesley wcraft Required privilege...

CVE-2023-2085

The CVE-2023-2085 entry concerns the WordPress plugin Essential Blocks (versions up to and including 4.0.6). The vulnerability arises from a missing capability check in the templates function, enabling unauthorized information exposure to subscriber-level users. Although a nonce check exists, it ...

Huawei EulerOS: Security Advisory for cryptsetup (EulerOS-SA-2023-2085)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 8 : libwebp (RHSA-2023:2085)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:2085 advisory. The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photograph...