
185 matches found

EUVD
added 2026/01/13 5:57 p.m. | 2 views

EUVD-2026-2111

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVSS 7.8 | AI score 6.9 | EPSS 0.00039
Exploits 0 | References 2
RedhatCVE
added 2026/01/09 10:15 a.m. | 5 views

CVE-2019-2111

In loop of DnsTlsSocket.cpp, there is a possible heap memory corruption due to a use after free. This could lead to remote code execution in the netd server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9...

CVSS 9.8 | AI score 8 | EPSS 0.00758
Exploits 0 | References 1
Circl
added 2025/04/19 6:0 a.m. | 2 views

CVE-2025-2111

creationtimestamp | type | source
---|---|---
2025-04-19 06:00:15+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/12575
2025-04-19 07:08:24+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln5laad2rsu2
2025-04-19...

CVSS 7.5 | AI score 7.3 | EPSS 0.0021
Exploits 0 | References 4
Vulnrichment
added 2025/04/19 5:30 a.m. | 5 views

CVE-2025-2111 WP Headers And Footers <= 3.1.1 - Cross-Site Request Forgery to Arbitrary Options Update

The Insert Headers And Footers plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.1. This is due to missing or incorrect nonce validation on the 'custompluginsetoption' function. This makes it possible for unauthenticated attackers to update...

CVSS 7.5 | AI score 6.9 | EPSS 0.0021
Exploits 0 | References 4
Patchstack
added 2025/04/19 12:6 a.m. | 4 views

WordPress WP Headers And Footers plugin <= 3.1.1 - Cross-Site Request Forgery to Arbitrary Options Update vulnerability

Cross-Site Request Forgery to Arbitrary Options Update vulnerability discovered by Carlos Ferreira in WordPress Plugin Insert Headers And Footers versions <= 3.1.1...

CVSS 7.5 | AI score 8.2 | EPSS 0.0021
Exploits 0 | References 1 | Affected Software 1
Tenable Nessus
added 2025/03/04 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2016-2111

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote...

CVSS 6.3 | AI score 6.9 | EPSS 0.02808
Exploits 1 | References 2
CVE
added 2024/03/28 2:4 a.m. | 64 views

CVE-2024-2111

CVE-2024-2111 affects the WordPress plugin Events Manager (Calendar, Bookings, Tickets, etc.). The Red Hat and CVE records confirm a Stored Cross-Site Scripting vulnerability via the physical location value in all versions up to 6.4.7.1, caused by insufficient input sanitization and output escapi...

CVSS 6.4 | AI score 7.5 | EPSS 0.00127
Exploits 0 | References 2 | Affected Software 1
Patchstack
added 2024/03/28 12:0 a.m. | 7 views

WordPress Events Manager Plugin <= 6.4.7.1 is vulnerable to Cross Site Scripting (XSS)

Software: Events Manager
Type: Plugin
Vulnerable versions: <= 6.4.7.1
Fixed in: 6.4.7.2
OWASP Top 10: A7: Cross-Site Scripting (XSS)
Classification: Cross Site Scripting (XSS)
CVE: CVE-2024-2111
Patch priority: Low
CVSS severity: Low 6.5
PSID: b5294cf8d915
Credits: Tim Coen
Required...

CVSS 6.4 | AI score 6 | EPSS 0.00127
Exploits 0 | References 3 | Affected Software 1
NVD
added 2023/05/30 8:15 a.m. | 11 views

CVE-2023-2111

The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's...

CVSS 4.9 | AI score 5.2 | EPSS 0.00884
Exploits 2 | References 1
OSV
added 2023/05/30 8:15 a.m. | 1 views

CVE-2023-2111

The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's...

CVSS 4.9 | AI score 6.7 | EPSS 0.00884
Exploits 2 | References 1
Vulnrichment
added 2023/05/30 7:49 a.m. | 6 views

CVE-2023-2111 HollerBox < 2.1.4 - Admin+ SQL Injection

The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's...

AI score 6.8 | EPSS 0.00884
Exploits 2 | References 1
Cvelist
added 2023/05/30 7:49 a.m. | 14 views

CVE-2023-2111 HollerBox < 2.1.4 - Admin+ SQL Injection

The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's...

AI score 5.6 | EPSS 0.00884
Exploits 2 | References 1
CVE
added 2023/05/30 7:49 a.m. | 52 views

CVE-2023-2111

CVE-2023-2111 affects the WordPress plugin HollerBox (Fast & Effective Popups & Lead-Generation) up to version 2.1.3. The root cause is that user input is concatenated into an SQL query in the plugin’s report API endpoint without proper escaping, enabling potential information disclosure in multi...

CVSS 4.9 | AI score 5.5 | EPSS 0.00884
Exploits 2 | References 1 | Affected Software 1
Patchstack
added 2023/05/04 12:0 a.m. | 8 views

WordPress HollerBox Plugin <= 2.1.3 is vulnerable to SQL Injection

Software: HollerBox
Type: Plugin
Vulnerable versions: <= 2.1.3
Fixed in: 2.1.4
OWASP Top 10: A1: Injection
Classification: SQL Injection
CVE: CVE-2023-2111
Patch priority: Low
CVSS severity: Low 8.5
PSID: 81f314d3ef98
Credits: rSolutions Security Team
Required privilege: Administrato...

CVSS 4.9 | AI score 6.8 | EPSS 0.00884
Exploits 2 | References 5 | Affected Software 1
OpenVAS
added 2022/06/18 12:0 a.m. | 23 views

openSUSE: Security Advisory for the (SUSE-SU-2022:2111-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.8 | AI score 8.2 | EPSS 0.13534
Exploits 10 | References 2
Circl
added 2022/06/17 4:23 p.m. | 1 views

CVE-2022-2111

creationtimestamp | type | source
---|---|---
2022-06-17 16:23:32+00:00 | seen | https://t.me/cibsecurity/44723...

CVSS 9 | AI score 8.3 | EPSS 0.00449
Exploits 1 | References 1
NVD
added 2022/06/17 1:15 p.m. | 7 views

CVE-2022-2111

Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2...

CVSS 9 | EPSS 0.00449
Exploits 1 | References 2
CVE
added 2022/06/17 10:10 a.m. | 69 views

CVE-2022-2111

CVE-2022-2111 covers an unrestricted file upload vulnerability in the InvenTree project (inventree/inventree) for versions prior to 0.7.2. The issue arises from insufficient validation of uploaded files, allowing an attacker to upload potentially dangerous files and, when opened, execute arbitra...

CVSS 9 | AI score 8.7 | EPSS 0.00449
Exploits 1 | References 2 | Affected Software 1
Cvelist
added 2022/06/17 10:10 a.m. | 9 views

CVE-2022-2111 Unrestricted Upload of File with Dangerous Type in inventree/inventree

Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2...

CVSS 9 | AI score 9 | EPSS 0.00449
Exploits 1 | References 2
OpenVAS
added 2022/04/21 12:0 a.m. | 20 views

Slackware: Security Advisory (SSA:2016-106-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.3 | EPSS 0.78522
Exploits 1 | References 2