CVE-2026-2191

A weakness has been identified in Tenda AC9 15.03.06.42multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could ...

CVE-2026-2191

creationtimestamp| type| source ---|---|--- 2026-02-09 01:30:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mefcetoa5j26 2026-02-09 01:30:47+00:00| seen| https://infosec.exchange/users/offseq/statuses/116038082807857622...

CVE-2026-2191

A weakness has been identified in Tenda AC9 15.03.06.42multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could ...

EUVD-2026-2191

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

CVE-2019-2191

In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. This could lead to local information disclosure via USB with User execution privileges needed. User interaction is not required for exploitation.Product: AndroidVersions:...

EUVD-2020-2191

Malware in sbrugna...

EUVD-2022-2191

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-2191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1...

CVE-2002-2191

Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner...

CVE-2025-2191

A vulnerability, which was classified as problematic, has been found in Claro A7600-A1 RNR4-A72T-2x16v2110403CLA32160817. Affected by this issue is some unknown functionality of the file /form2pingv6.cgi of the component Ping6 Diagnóstico. The manipulation of the argument ip6addr with the input...

CVE-2025-2191

creationtimestamp| type| source ---|---|--- 2025-03-11 14:05:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lk4af5yobl26 2025-03-11 15:57:16+00:00| seen| https://t.me/cvedetector/20085...

CVE-2025-2191

A vulnerability, which was classified as problematic, has been found in Claro A7600-A1 RNR4-A72T-2x16v2110403CLA32160817. Affected by this issue is some unknown functionality of the file /form2pingv6.cgi of the component Ping6 Diagnóstico. The manipulation of the argument ip6addr with the input...

CVE-2025-2191 Claro A7600-A1 Ping6 Diagnóstico form2pingv6.cgi cross site scripting

A vulnerability, which was classified as problematic, has been found in Claro A7600-A1 RNR4-A72T-2x16v2110403CLA32160817. Affected by this issue is some unknown functionality of the file /form2pingv6.cgi of the component Ping6 Diagnóstico. The manipulation of the argument ip6addr with the input...

CVE-2025-2191

The CVE-2025-2191 entry concerns Claro A7600-A1 Ping6 Diagnóstico, specifically the file /form2pingv6.cgi. The vulnerability is an input manipulation of the ip6addr parameter (example payload ) that leads to cross-site scripting. Public exploit information exists, and the attack surface is remote...

Linux Distros Unpatched Vulnerability : CVE-2015-2191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the dissecttnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4...

Linux Distros Unpatched Vulnerability : CVE-2016-2191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bmpreadrows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service invalid memory write and crash via ...

CVE-2024-2191 Improper Access Control in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows merge request title to be visible publicly despite being set as project members only...

CVE-2024-2191 Improper Access Control in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows merge request title to be visible publicly despite being set as project members only...

Statement on Jetty vulnerabilities in Brocade SANav

A Security Researcher performing penetration testing raises CVEs in the Jetty version used by Brocade SANnav v2.1.1. Brocade Statement All supported versions of Brocade SANnav do not directly use Jetty. The code is present within some versions of the SANnav product as it is contained within other...

Amazon Linux 2 : qemu (ALAS-2023-2191)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2191 advisory. There is a vulnerability in the lsi53c895a device which affects the latest version of qemu. The carefully designed PoC can repeatedly...