
115 matches found

ATTACKERKB
added 2026/02/08 9:2 p.m. | 2 views

CVE-2026-2186

A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public a...

CVSS 9 | AI score 8.5 | EPSS 0.00035
Exploits 1 | References 5 | Affected Software 1

Cvelist
added 2026/02/08 9:2 p.m. | 23 views

CVE-2026-2186 Tenda RX3 SetIpMacBind fromSetIpMacBind stack-based overflow

A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public a...

CVSS 9 | EPSS 0.00035
Exploits 1 | References 5

EUVD
added 2026/01/13 5:56 p.m. | 1 view

EUVD-2026-2186

Improper input validation in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to perform tampering over a network...

CVSS 6.5 | AI score 6.4 | EPSS 0.00094
Exploits 0 | References 2

RedhatCVE
added 2026/01/09 10:16 a.m. | 5 views

CVE-2019-2186

In GetMBheader of combineddecode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.1.1 Android-7.1.2...

CVSS 9.3 | AI score 7.9 | EPSS 0.0037
Exploits 0 | References 1

RedhatCVE
added 2025/05/23 1:48 a.m. | 7 views

CVE-2023-2186

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads. An unauthenticated user can use this format string...

CVSS 9.8 | AI score 7 | EPSS 0.00365
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 10:23 p.m. | 4 views

CVE-2022-2186

The Simple Post Notes WordPress plugin before 1.7.6 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

CVSS 4.8 | AI score 6.1 | EPSS 0.00206
Exploits 2 | References 1

RedhatCVE
added 2025/05/22 3:56 p.m. | 4 views

CVE-2020-2186

A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.50.1 and earlier allows attackers to provision instances...

CVSS 4.3 | AI score 6.7 | EPSS 0.00528
Exploits 0

RedhatCVE
added 2025/05/21 8:35 p.m. | 8 views

CVE-2002-2186

Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via Unicode encoded character values in a URL...

CVSS 5 | AI score 7.2 | EPSS 0.0085
Exploits 0 | References 1

Circl
added 2025/03/22 1:39 p.m. | 7 views

CVE-2025-2186

creationtimestamp | type | source
---|---|---
2025-03-22 13:39:05+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lkxtza7vvq2x
2025-03-22 14:00:34+00:00 | seen | Telegram/1ETDR3cINztmrc4FfbKm5GJx5h-N5WBr3FoPGxl4NIHDSU
2025-03-22 17:03:54+00:00 | seen | https://t.me/cvedetector/20875...

CVSS 7.5 | AI score 8.7 | EPSS 0.00176
Exploits 0 | References 3

CVE
added 2025/03/22 12:42 p.m. | 93 views

CVE-2025-2186

CVE-2025-2186 affects the FunnelKit Automations (Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation) WordPress plugin. Connected sources confirm an unauthenticated SQL Injection via the automationId parameter in all versions up to 3.5.1, caused by insufficient...

CVSS 7.5 | AI score 7.6 | EPSS 0.00176
Exploits 0 | References 3

Tenable Nessus
added 2025/03/04 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2016-2186

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of servic...

CVSS 4.9 | AI score 6 | EPSS 0.00081
Exploits 2 | References 3

Tenable Nessus
added 2024/05/11 12:0 a.m. | 248 views

RHEL 7 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kernel: out of bounds read in drivers/media/usb/dvb-usb/technisat-usb2.c CVE-2019-15505 - kernel: lack of...

AI score 8.9 | EPSS 0.18911
Exploits 170 | References 1025

CVE
added 2024/04/09 6:58 p.m. | 60 views

CVE-2024-2186

CVE-2024-2186: Beaver Builder Addons by WPZOOM for WordPress is susceptible to Stored XSS via the Team Members widget in all versions

CVSS 6.4 | AI score 7.6 | EPSS 0.00229
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2024/04/09 6:58 p.m. | 14 views

CVE-2024-2186 Beaver Builder Addons by WPZOOM <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Members Widget

The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Team Members widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVSS 6.4 | AI score 5.8 | EPSS 0.00229
Exploits 0 | References 2

Circl
added 2023/12/06 5:22 p.m. | 1 view

CVE-2013-2186

creationtimestamp | type | source
---|---|---
2023-12-06 17:22:13+00:00 | seen | https://t.me/arpsyndicate/1517...

CVSS 7.5 | AI score 7.1 | EPSS 0.87099
Exploits 0 | References 1

Tenable Nessus
added 2023/08/14 12:0 a.m. | 28 views

Amazon Linux 2 : golang (ALAS-2023-2186)

The version of golang installed on the remote host is prior to 1.20.6-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2186 advisory. The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional...

CVSS 6.5 | AI score 7.2 | EPSS 0.00344
Exploits 0 | References 4

OpenVAS
added 2023/06/09 12:0 a.m. | 10 views

Huawei EulerOS: Security Advisory for colord (EulerOS-SA-2023-2186)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5 | AI score 7.5 | EPSS 0.00118
Exploits 1 | References 2

Circl
added 2023/06/07 12:29 p.m. | 3 views

CVE-2023-2186

creationtimestamp | type | source
---|---|---
2023-06-07 12:29:57+00:00 | seen | https://t.me/cibsecurity/65030...

CVSS 9.8 | AI score 8.7 | EPSS 0.00365
Exploits 0 | References 1

Cvelist
added 2023/06/07 6:37 a.m. | 16 views

CVE-2023-2186

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads. An unauthenticated user can use this format string...

CVSS 8.2 | AI score 9.8 | EPSS 0.00365
Exploits 0 | References 1

CVE
added 2023/06/07 6:37 a.m. | 43 views

CVE-2023-2186

CVE-2023-2186 affects Triangle MicroWorks SCADA Data Gateway

CVSS 9.8 | AI score 9.4 | EPSS 0.00365
Exploits 0 | References 1 | Affected Software 1