CVE-2026-2215 rachelos WeRSS we-mp-rss JWT auth.py default key

A vulnerability was detected in rachelos WeRSS we-mp-rss up to 1.4.8. This issue affects some unknown processing of the file core/auth.py of the component JWT Handler. Performing a manipulation of the argument SECRETKEY results in use of default cryptographic key. The attack can be initiated...

CVE-2026-2215

A vulnerability was detected in rachelos WeRSS we-mp-rss up to 1.4.8. This issue affects some unknown processing of the file core/auth.py of the component JWT Handler. Performing a manipulation of the argument SECRETKEY results in use of default cryptographic key. The attack can be initiated...

Exploit for Use After Free in Google Android

This is a proof-of-concept PoC exploit for CVE-2019-2215, a use-after-free vulnerability in the Android kernel. The exploit is designed to demonstrate the vulnerability and its potential impact on the system. The PoC exploit is written in C++ and uses the Clang compiler. It includes a function...

Exploit for Use After Free in Google Android

This is a proof-of-concept PoC application demonstrating the power of an Android kernel arbitrary R/W, specifically targeting CVE-2019-2215. The application, named Qu1ckR00t, is designed to exploit this vulnerability to achieve root access on an Android device. The exploit is implemented in the...

Linux Distros Unpatched Vulnerability : CVE-2019-2215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this...

Linux Distros Unpatched Vulnerability : CVE-2021-2215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.23 and prior. Easily...

Exploit for Use After Free in Google Android

This is a PoC Proof of Concept application demonstrating the power of an Android kernel arbitrary R/W, targeting CVE-2019-2215. The application is designed to exploit this vulnerability, which allows for arbitrary read and write access to the kernel. The exploit is implemented in the native/poc.c...

CVE-2023-2215

A vulnerability classified as critical has been found in Campcodes Coffee Shop POS System 1.0. Affected is an unknown function of the file /admin/user/manageuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2022-2215

The GiveWP WordPress plugin before 2.21.3 does not properly sanitise and escape the currency settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2020-2215

A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified username and password...

CVE-2015-2215

Open redirect vulnerability in the Services single sign-on server helper servicesssoserverhelper module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters...

CVE-2025-2215

creationtimestamp| type| source ---|---|--- 2025-03-11 23:40:50+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7253...

CVE-2024-2215

A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...

CVE-2024-2215

CVE-2024-2215 : CSRF vulnerability in Jenkins docker-build-step Plugin (version ≤ 2.11) allows an attacker to connect to an attacker-specified TCP/Unix socket URL and reconfigure the plugin using provided connection test parameters, impacting subsequent build step executions. The description from...

CVE-2024-2215

A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...

SUSE CVE-2021-2215

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

Advisory ROSA-SA-2023-2215

Software: vim 8.0.1763 OS: ROSA Virtualization 2.1 packageevrstring: vim-8.0.1763-19.rv3.4.src.rpm CVE-ID: CVE-2022-0392 BDU-ID: 2022-00992 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the getexmodeline exgetln.c function of the vim text editor is related to writing beyond buffer boundaries in...

SUSE SLES15 Security Update : dmidecode (SUSE-SU-2023:2215-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2215-1 advisory. - Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode...

CVE-2023-2215

creationtimestamp| type| source ---|---|--- 2023-04-21 14:44:56+00:00| seen| https://t.me/cibsecurity/62589 2023-10-12 13:36:56+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5384...

CVE-2023-2215

A vulnerability classified as critical has been found in Campcodes Coffee Shop POS System 1.0. Affected is an unknown function of the file /admin/user/manageuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been...