CVE-2026-2148

CVE-2026-2148 affects the Tenda AC21 Web Management Interface, specifically the unknown function in file /cgi-bin/DownloadFlash. The issue allows remote information disclosure through manipulation of that function. Multiple sources confirm the device is vulnerable on version 16.03.08.16, with the...

MiracleLinux 8 : kernel-4.18.0-305.el8 (AXSA:2021-2148:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2148:12 advisory. kernel: Integer overflow in IntelR Graphics Drivers CVE-2020-12362 kernel: memory leak in sofsetgetlargectrldata function in sound/soc/sof/ipc.c...

EUVD-2026-2148

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1_x86_64.whl

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1x8664.whl Vulnerability Details CVEID:CVE-2025-2148 DESCRIPTION: A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this...

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1_x86_64.whl

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1x8664.whl Vulnerability Details CVEID:CVE-2025-2148 DESCRIPTION: A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this...

K000156994: BusyBox vulnerability CVE-2016-2148

Security Advisory Description Heap-based buffer overflow in the DHCP client udhcpc in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION6RD parsing. CVE-2016-2148 Impact This vulnerability allows remote attackers to perform a Remote Code Executio...

Linux Distros Unpatched Vulnerability : CVE-2025-2148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function...

CVE-2022-2148

The LinkedIn Company Updates WordPress plugin through 1.5.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2019-2148

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113508105...

CVE-2025-2148

creationtimestamp| type| source ---|---|--- 2025-03-10 14:38:46+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7001 2025-03-10 14:45:05+00:00| seen| Telegram/Cb-hB0eDwO2UCLKOEUZh7K1x1nZOZNucsg9e-ThBZJZaAGrD 2025-03-10 14:51:34+00:00| seen| https://t.me/cvedetector/19951...

21cmpsdenoiser (>=1.0.0 <=1.0.2), 2404-segmentation-pipeline (>=0.1.0 <=1.0.0) +22343 more potentially affected by CVE-2025-2148 via torch (>=2.0.0 <=2.11.0)

torch PYPI version =2.0.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.10.5, =0.1.0.dev1, =0.1.5 and more Source cves: CVE-2025-2148 Source advisory: OSV:PYSEC-2025-189...

3d-rcnet (>=0.1.0 <=0.2.3), 4996 (>=0.1.0 <=0.1.1) +1368 more potentially affected by CVE-2025-2148 via torch (>=1.0.0 <=1.13.1)

torch PYPI version =1.0.0, =0.1.0, =0.1.0, =0.2.4, =0.0.1b1, =1.0.32, =0.0.3, =2.1.17, =0.0.0.dev1, =0.2.3, =0.4.0, =0.6.3 and more Source cves: CVE-2025-2148 Source advisory: OSV:PYSEC-2025-189...

CVE-2025-2148 PyTorch Tuple torch.ops.profiler._call_end_callbacks_on_jit_fut memory corruption

A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler.callendcallbacksonjitfut of the component Tuple Handler. The manipulation of the argument None leads to memory corruption. The attack can be launch...

Linux Distros Unpatched Vulnerability : CVE-2016-2148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the DHCP client udhcpc in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION6RD...

CVE-2024-2148

creationtimestamp| type| source ---|---|--- 2024-03-03 18:32:13+00:00| seen| https://t.me/ctinow/198861 2024-03-03 18:32:15+00:00| seen| https://t.me/ctinow/198863...

CVE-2024-2148

CVE-2024-2148 affects SourceCodester Online Mobile Management Store 1.0. The vulnerability is in the file /classes/Users.php, where manipulating the img argument enables unrestricted file upload. This claim is supported by multiple sources in the connected data and indicates a remote attack surfa...

Amazon Linux 2 : qemu, --advisory ALAS2-2023-2148 (ALAS-2023-2148)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2148 advisory. A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including...

AlmaLinux 9 : kernel-rt (ALSA-2023:2148)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2148 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. CVE-2021-26341 - When sending...

CVE-2023-2148

CVE-2023-2148 affects Campcodes Online Thesis Archiving System 1.0, specifically the /admin/curriculum/view_curriculum.php component. The vulnerability arises from manipulating the id parameter, leading to SQL injection. Exploitation can be performed remotely, and the exploit was disclosed public...

SUSE: Security Advisory (SUSE-SU-2022:4253-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...