RHEL 9 : kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_134_1, kpatch-patch-5_14_0-284_148_1, and kpatch-patch-5_14_0-284_92_1 (RHSA-2026:2115)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2115 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module i...

EUVD-2026-2115

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally...

CVE-2002-2115

Cross-site scripting XSS vulnerability in Hyper NIKKI System HNS Lite before 0.9 and HNS before 2.10-pl2 allows remote attackers to inject arbitrary web script or HTML...

CVE-2019-2115

creationtimestamp| type| source ---|---|--- 2025-03-13 04:00:06+00:00| published-proof-of-concept| Telegram/qOzdN-Uct2FPXOyeZs4Q0WHefgZgNsqjNIFH8ymESqNzWI...

CVE-2025-2115

creationtimestamp| type| source ---|---|--- 2025-03-09 06:55:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljwhfycaym2s 2025-03-09 09:35:12+00:00| seen| https://t.me/cvedetector/19916 2025-03-09 10:38:05+00:00| seen| Telegram/C0TFlwi8EvGC4AjEJI7j6XiiBiVQph3KrBke9fkpgQ6LeWbh...

CVE-2025-2115

A vulnerability, which was classified as critical, was found in zzskzy Warehouse Refinement Management System 3.1. Affected is the function ProcessRequest of the file /AcceptZip.ashx. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely...

CVE-2025-2115

CVE-2025-2115 affects zzskzy Warehouse Refinement Management System 3.1. The flaw is in ProcessRequest of the file /AcceptZip.ashx, where manipulating the argument file results in unrestricted upload. Attacks can be launched remotely, and publicly disclosed exploits exist. Multiple connected sour...

CVE-2025-2115 zzskzy Warehouse Refinement Management System AcceptZip.ashx ProcessRequest unrestricted upload

A vulnerability, which was classified as critical, was found in zzskzy Warehouse Refinement Management System 3.1. Affected is the function ProcessRequest of the file /AcceptZip.ashx. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely...

CVE-2025-2115 zzskzy Warehouse Refinement Management System AcceptZip.ashx ProcessRequest unrestricted upload

A vulnerability, which was classified as critical, was found in zzskzy Warehouse Refinement Management System 3.1. Affected is the function ProcessRequest of the file /AcceptZip.ashx. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely...

Linux Distros Unpatched Vulnerability : CVE-2016-2115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacnnp, which allows...

SolarWinds TFTP Server 10.4.0.10 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarWinds TFTP Server 10.4.0.10 Denial of Service' , 'Description' = %q The SolarWinds TFTP server can be shut down by sending a 'netascii' read...

CVE-2024-2115

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.0.0. This is due to missing or incorrect nonce validation on the filterusers functions. This makes it possible for unauthenticated attackers to elevate...

CVE-2024-2115

CVE-2024-2115 affects LearnPress – WordPress LMS Plugin up to version 4.0.0. Root cause: missing/incorrect nonce validation in filter_users leading to CSRF. Impact: unauthenticated attackers can elevate privileges to Teacher by tricking an admin into performing an action. Public details in connec...

Amazon Linux 2 : pidgin (ALAS-2023-2115)

The version of pidgin installed on the remote host is prior to 2.10.11-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2115 advisory. An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to...

Security Bulletin: Unauthorized access exposure on IBM SAN Volume Controller and Storwize Family (CVE-2013-2251, CVE-2013-2248 CVE-2013-2135, CVE-2013-2134, CVE-2013-2115, CVE-2013-1966 and CVE-2013-1965)

Summary Security Bulletin: Unauthorized access exposure on IBM SAN Volume Controller and Storwize Family CVE-2013-2251 CVE-2013-2248 CVE-2013-2135 CVE-2013-2134 CVE-2013-2115 CVE-2013-1966 CVE-2013-1965 Vulnerability Details Security Bulletin --- Summary --- Administrative access to the system vi...

Debian: Security Advisory (DLA-509-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-2115-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K53313971: Samba vulnerabilities CVE-2016-2110 and CVE-2016-2115

Security Advisory Description CVE-2016-2110 The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove...

CVE-2022-2115

creationtimestamp| type| source ---|---|--- 2022-07-25 16:32:59+00:00| seen| https://t.me/cibsecurity/46893...

CVE-2022-2115

CVE-2022-2115 affects the WordPress plugin Popup Anything, where versions before 2.1.7 do not sanitize or escape a parameter before echoing it on a frontend page, enabling reflected XSS. The root cause is improper input handling in output rendering (frontend page). Exploitation guidance is availa...