OESA-2026-2121 qt5-qtwebengine security update

Qt5 - QtWebEngine components. Security Fixes: Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: MediumCVE-2025-1919...

MiracleLinux 3 : kvm-83-266.0.1.AXS3.1 (AXSA:2014-242:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-242:01 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines...

MiracleLinux 4 : kernel-2.6.32-220.23.1.el6 (AXSA:2012-646:05)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-646:05 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

EUVD-2026-2121

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally...

CVE-2019-2121

In ActivityManagerService.attachApplication of ActivityManagerService, there is a possible race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Andro...

EUVD-2010-4929

Malware in sbrugna...

EUVD-2020-2121

Malware in sbrugna...

EUVD-2023-1807

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-2121

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OFFIS DCMTK's All versions prior to 3.6.7 has a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-of-service...

CVE-2010-4964

recordertest.cgi on the D-Link DCS-2121 camera with firmware 1.04 allows remote attackers to execute arbitrary commands via shell metacharacters in the Password field, related to a "semicolon injection" vulnerability...

CVE-2010-4965

/etc/rc.d/rc.local on the D-Link DCS-2121 camera with firmware 1.04 configures a hardcoded password of admin for the root account, which makes it easier for remote attackers to obtain shell access by leveraging a running telnetd server...

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to Cross-site Scripting in Vault (CVE-2023-2121)

Summary Vault is used by IBM Storage Fusion Data Foundation in mcg, ocs, odr, cephcsi, multicluster, and odr operators as part of credential management. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2023-2121. Vulnerability...

CVE-2025-2121

A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected is an unknown function of the component File Storage. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been...

CVE-2025-2121

CVE-2025-2121 affects Thinkware Car Dashcam F800 Pro up to 20250226. The vulnerability resides in the File Storage component, with an unknown function enabling improper access controls exploitable from the local network. The exploit has been publicly disclosed and the vendor has not responded. A ...

CVE-2025-2121 Thinkware Car Dashcam F800 Pro File Storage access control

A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected is an unknown function of the component File Storage. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : DCMTK vulnerabilities (USN-7010-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7010-1 advisory. Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a user or an automated system...

SUSE SLES15 Security Update : kernel (Live Patch 47 for SLE 15 SP2) (SUSE-SU-2024:2121-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2121-1 advisory. This update for the Linux Kernel 5.3.18-15020024188 fixes several issues. The following security issues were fixed: - CVE-2021-46955: Fixed an...

CVE-2024-2121

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Carousel widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

CVE-2024-2121 Elementor Website Builder Pro <= 3.20.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Carousel widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

CVE-2024-2121

The CVE CVE-2024-2121 affects the Elementor Website Builder Pro WordPress plugin. It enables Stored Cross-Site Scripting via the Media Carousel widget in all versions up to 3.20.1, caused by insufficient input sanitization and output escaping on user-supplied attributes. Attackers with contributo...