MiracleLinux 4 : gnutls-2.8.5-10.2.0.1.AXS4 (AXSA:2013-469:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-469:02 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the...

EUVD-2026-2116

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally...

EUVD-2019-2116

Malware in sbrugna...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2025-2116)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-2116

Cross-site request forgery CSRF vulnerability in the Commerce Reorder module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that add items to the shopping cart...

CVE-2025-2116

creationtimestamp| type| source ---|---|--- 2025-03-09 07:39:30+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6959 2025-03-09 09:35:10+00:00| seen| https://t.me/cvedetector/19913 2025-03-09 10:38:05+00:00| seen| Telegram/iEwpHinx09XMkwZl4NhrEp44NnygjsLDb-5gDFrI-Fpqma...

CVE-2025-2116

A vulnerability has been found in Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System 3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /newsedit/newsedit/xy/imageProxy.do of the component File Protocol Handle...

CVE-2025-2116

CVE-2025-2116 affects Beijing Founder Electronics’ Founder Enjoys All-Media Acquisition and Editing System 3.0. The vulnerability exists in the File Protocol Handler’s /newsedit/newsedit/xy/imageProxy.do, where manipulating the xyImgUrl parameter enables server-side request forgery. The issue is ...

CVE-2025-2116 Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System File Protocol imageProxy.do server-side request forgery

A vulnerability has been found in Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System 3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /newsedit/newsedit/xy/imageProxy.do of the component File Protocol Handle...

CVE-2025-2116 Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System File Protocol imageProxy.do server-side request forgery

A vulnerability has been found in Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System 3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /newsedit/newsedit/xy/imageProxy.do of the component File Protocol Handle...

Linux Distros Unpatched Vulnerability : CVE-2016-2116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory leak in the jasiccprofcreatefrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service memory consumption via a...

CentOS 7 : buildah (RHSA-2020:2116)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2116 advisory. - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious containe...

RHEL 7 : jasper (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jasper: heap-based buffer over-read of size 8 in jasimagedepalettize in libjasper/base/jasimage.c...

CVE-2024-2116 Christmas Greetings <= 1.2.5 - Reflected Cross-Site Scripting

The Christmas Greetings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the code parameter in all versions up to, and including, 1.2.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

WordPress Christmas Greetings Plugin <= 1.2.7 is vulnerable to Cross Site Scripting (XSS)

Software Christmas Greetings Type Plugin Vulnerable versions = 1.2.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2116 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 410abc2ecae6 Credits Lucio Sá Require...

Amazon Linux 2 : fribidi (ALAS-2023-2116)

The version of fribidi installed on the remote host is prior to 1.0.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2116 advisory. A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially...

CVE-2022-2116 Elementor Contact Form DB < 1.8.0 - Reflected Cross-Site Scripting

The Contact Form DB WordPress plugin before 1.8.0 does not sanitise and escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting...

CVE-2022-2116

CVE-2022-2116 affects the WordPress plugin Elementor Contact Form DB prior to version 1.8.0. The root cause is insufficient sanitisation/escaping of certain parameters when echoed back in HTML attributes, leading to a Reflected Cross-Site Scripting vulnerability. The exposed impact is a client-si...

SUSE: Security Advisory (SUSE-SU-2013:1060-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2014:0320-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...