117 matches found
CVE-2026-2113
A security vulnerability has been detected in yuan1994 tpadmin up to 1.3.12. This affects an unknown part in the library /public/static/admin/lib/webuploader/0.1.5/server/preview.php of the component WebUploader. The manipulation leads to deserialization. The attack is possible to be carried out...
MiracleLinux 3 : libtiff-3.8.2-15.AXS3 (AXSA:2012-688:02)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-688:02 advisory. The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file...
EUVD-2026-2113
Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally...
CVE-2019-2113
In setup wizard there is a bypass of some checks when wifi connection is skipped. This could lead to factory reset protection bypass with no additional privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122597079...
CVE-2002-2113
search.cgi in AGH HTMLsearch 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the template parameter...
CVE-2025-2113
creationtimestamp | type | source
---|---|---
2025-03-09 03:36:15+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/6954
2025-03-09 05:00:22+00:00 | published-proof-of-concept | Telegram/htiMuLQLlJY4Yps6SzK08AFZuyspPQOLimZ3JJWaRywcP0g
2025-03-09 05:24:16+00:00 | seen | ...
CVE-2025-2113
A vulnerability was found in AT Software Solutions ATSVD up to 3.4.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Esqueceu a senha. The manipulation of the argument txtCPF leads to sql injection. The attack may be launched remotely. The...
CVE-2025-2113 AT Software Solutions ATSVD Esqueceu a senha sql injection
A vulnerability was found in AT Software Solutions ATSVD up to 3.4.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Esqueceu a senha. The manipulation of the argument txtCPF leads to sql injection. The attack may be launched remotely. The...
CVE-2022-2113
Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.7.2...
Dell 3000cn Improper Authentication (CVE-2006-2113)
The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which...
Moderate: Red Hat Security Advisory: pcs security update
An update for pcs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Rockwell Automation Stratix Cisco IOS Software Crafted IPv6 Packet Denial of Service (CVE-2014-2113)
A vulnerability in the implementation of the IP version 6 (IPv6) protocol stack in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause I/O memory depletion on an affected device that has IPv6 enabled. The vulnerability is triggered when an affected...
CVE-2023-2113 Autoptimize < 3.1.7 - Admin+ Stored Cross-Site Scripting via Settings Import
The Autoptimize WordPress plugin before 3.1.7 does not sanitise and escape the settings imported from a previous export, allowing high privileged users such as an administrator to inject arbitrary JavaScript into the admin panel, even when the unfiltered_html capability is disabled, such as in a...
CVE-2023-2113
Summary: CVE-2023-2113 affects the Autoptimize WordPress plugin prior to 3.1.7. The vulnerability arises from failing to sanitize and escape settings imported from a previous export, enabling a high-privilege user (e.g., an administrator) to inject arbitrary JavaScript into the admin panel (store...
WordPress Autoptimize Plugin < 3.1.7 is vulnerable to Cross Site Scripting (XSS)
Software: Autoptimize; Type: Plugin; Vulnerable versions: 3.1.7; Fixed in: 3.1.7; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-2113; Patch priority: Low; CVSS severity: Low 5.9; PSID: 45f6a5c2bef1; Credits: Juampa Rodríguez; Required...
Advisory ROSA-SA-2023-2113
Software: kernel 3.10.0-1160.83.1.el7 OS: rosa-server79 packageevrstring: kernel-3.10.0-1160.83.1.el7 CVE-ID: CVE-2023-0179 BDU-ID: 2023-00383 CVE-Crit: HIGH CVE-DESC: A vulnerability in the netfilter component of the Linux operating system kernel is related to a stack buffer overflow in nftables...
CVE-2022-2113 Cross-site Scripting (XSS) - Stored in inventree/inventree
Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.7.2...