MiracleLinux 7 : openssl-1.0.1e-51.el7.5 (AXSA:2016-230:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-230:03 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

CVE-2019-2106

In ihevcdsaoshiftctb of ihevcdsao.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

EUVD-2010-2106

Malware in sbrugna...

CVE-2023-2106

Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20...

CVE-2013-2106

webauth before 4.6.1 has authentication credential disclosure...

CVE-2025-2106

creationtimestamp| type| source ---|---|--- 2025-03-13 04:30:44+00:00| seen| Telegram/1dmDNu67PJ1QF1um8GixQtYaB6xOH24Lc5YQ6NksCpdAbzg 2025-03-13 04:44:56+00:00| seen| https://t.me/cvedetector/20179 2025-03-14 14:45:18+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7561...

Siemens SCALANCE X-200RNA Switch Devices Integer Overflow or Wraparound (CVE-2016-2106)

Integer overflow in the EVPEncryptUpdate function in crypto/evp/evpenc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service heap memory corruption via a large amount of data. This plugin only works with Tenable.ot. Please visit...

Linux Distros Unpatched Vulnerability : CVE-2016-2106

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the EVPEncryptUpdate function in crypto/evp/evpenc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a...

RHEL 4 : openssl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssl: Memory corruption in the ASN.1 encoder CVE-2016-2108 - Integer overflow in the EVPEncodeUpdate...

CVE-2024-2106

CVE-2024-2106 affects MasterStudy LMS WordPress Plugin

CVE-2024-2106 MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.2.10 - Basic Information Exposure via REST route

The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to Information Exposure in versions up to, and including, 3.2.10. This can allow unauthenticated attackers to extract sensitive data including all registered user's username and email...

WordPress MasterStudy LMS Plugin <= 3.2.10 is vulnerable to Sensitive Data Exposure

Software MasterStudy LMS Type Plugin Vulnerable versions = 3.2.10 Fixed in 3.2.11 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-2106 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 809a15eb7a2b Credits Hiroho Shimada Required...

Malicious code in wlwz-2312-2106 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e0d8f0fd12caddfde7061c2a18a76e9c1120f04f696a7813cbf09dfccaf25432 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Amazon Linux 2 : flac (ALAS-2023-2106)

The version of flac installed on the remote host is prior to 1.3.0-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2106 advisory. An out-of-bounds write vulnerability was found in libFlak. The vulnerability occurs due to a missing bounds check. This flaw allows a...

CVE-2023-2106

CVE-2023-2106 affects Calibre-Web (janeczku/calibre-web) versions prior to 0.6.20. The root cause is a weak password policy implemented in the project, allowing login credentials that do not meet stronger complexity requirements. Documented impact indicates potential exposure of credentials and u...

K07538415: Multiple OpenSSL vulnerabilities

Security Advisory Description On May 3, 2016, OpenSSL announced the discovery of the following vulnerabilities: CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176 For the complete announcement from OpenSSL, refer to OpenSSL Security Advisory 3rd May 2016. Note :...

SUSE CVE-2012-2106

Integer overflow in the pvimport function in util/pvimport.c in Csound 5.16.6, when converting a file, allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow...

EulerOS Virtualization 2.10.1 : cifs-utils (EulerOS-SA-2022-2106)

According to the versions of the cifs-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to...

CVE-2022-2106

creationtimestamp| type| source ---|---|--- 2022-06-27 20:34:51+00:00| seen| https://t.me/cibsecurity/45196...

CVE-2022-2106

Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files...