CVE-2015-2138

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none...

CVE-2026-2138

A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...

EUVD-2026-2138

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally...

CVE-2019-2138

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118494320...

ECHO-B0F2-2138-6028

Bulletin has no description...

EUVD-2014-2663

Malware in sbrugna...

EUVD-2021-16597

Malware in sbrugna...

CVE-2012-2138

The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which allows remote attackers to cause a denial of service infinite loop via a crafted HTTP request...

CVE-2024-2138

creationtimestamp| type| source ---|---|--- 2024-04-11 05:40:03+00:00| seen| https://t.me/arpsyndicate/4444...

CVE-2024-2138

The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Animated Box widget in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress JetWidgets For Elementor Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS)

Software JetWidgets For Elementor Type Plugin Vulnerable versions = 1.0.15 Fixed in 1.0.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2138 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1b9d613d73ad Credits Francesco...

CVE-2023-2138

creationtimestamp| type| source ---|---|--- 2023-04-18 07:28:48+00:00| seen| https://t.me/cibsecurity/62336...

CVE-2023-2138

Use of Hard-coded Credentials in GitHub repository nuxtlabs/github-module prior to 1.6.2...

CVE-2023-2138

CVE-2023-2138 affects nuxtlabs/github-module prior to version 1.6.2. The root cause is a hard-coded GitHub token embedded in the module’s source, which granted access to multiple Nuxt-related GitHub repositories. The issue is described consistently across multiple sources (including Red Hat, GitH...

CVE-2023-2138 Use of Hard-coded Credentials in nuxtlabs/github-module

Use of Hard-coded Credentials in GitHub repository nuxtlabs/github-module prior to 1.6.2...

CVE-2023-2138 Use of Hard-coded Credentials in nuxtlabs/github-module

Use of Hard-coded Credentials in GitHub repository nuxtlabs/github-module prior to 1.6.2...

CVE-2016-2138

In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in xssclean in class/KippoInput.class.php...

CVE-2016-2138

The CVE-2016-2138 entry concerns kippo-graph prior to version 1.5.1. The vulnerability is a cross-site scripting issue in xss_clean() within class/KippoInput.class.php, as described across multiple connected records (Red Hat, OSV, NVD, and related security trackers). Impact details in the sources...

CVE-2022-2138 Advantech iView

The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition...

com.activecq.tools.quickimage:core (=1.0.0), com.adobe.cq.commerce:cq-commerce-hybris-impl (>=5.5.0 <=6.4.4) +19 more potentially affected by CVE-2012-2138 via org.apache.sling:org.apache.sling.servlets.post (>=2.0.4-incubator <=2.1.0)

org.apache.sling:org.apache.sling.servlets.post MAVEN version =2.0.4-incubator, =5.5.0, =5.5.0, =5.3.0, =5.3.0, =5.4.0, =1.0.8, =1.0.12, =1.0.6, =5.5.0, =5.6.2, =5.4.0, =5.6.8 and more Source cves: CVE-2012-2138 Source advisory: OSV:GHSA-342C-F869-5M44...