108 matches found
CVE-2026-2216
A flaw has been found in rachelos WeRSS we-mp-rss up to 1.4.8. Impacted is the function downloadexportfile of the file apis/tools.py. Executing a manipulation of the argument filename can lead to path traversal. The attack can be launched remotely. The exploit has been published and may be used...
EUVD-2026-2216
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. Improper resource management and reference counting on an internal resource caused scenario where potentia...
Linux Distros Unpatched Vulnerability : CVE-2016-2216
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allows remo...
CVE-2025-2216

| creationtimestamp | type | source |
|---|---|---|
| 2025-08-13 13:26:34+00:00 | seen | MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868... |

CVE-2023-2216
A vulnerability classified as problematic was found in Campcodes Coffee Shop POS System 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Users.php. The manipulation of the argument firstname leads to cross site scripting. The attack can be launched remotely. Th...
CVE-2021-2216
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Multichannel Framework. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSo...
CVE-2020-2216
A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified username and password...
CVE-2025-2216
A vulnerability, which was classified as critical, has been found in zzskzy Warehouse Refinement Management System 1.3. Affected by this issue is the function UploadCrash of the file /crash/log/SaveCrash.ashx. The manipulation of the argument file leads to unrestricted upload. The attack may be...
CVE-2025-2216 zzskzy Warehouse Refinement Management System SaveCrash.ashx UploadCrash unrestricted upload
A vulnerability, which was classified as critical, has been found in zzskzy Warehouse Refinement Management System 1.3. Affected by this issue is the function UploadCrash of the file /crash/log/SaveCrash.ashx. The manipulation of the argument file leads to unrestricted upload. The attack may be...
CVE-2022-2216
Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0...
frr security update
7.5.1-22.0.1 - Fix POSTIN scriptlet Orabug: 34712485 - Resolves: RHEL-15916 - Flowspec overflow in bgpd/bgp_flowspec.c - Resolves: RHEL-15919 - Out of bounds read in bgpd/bgp_label.c - Resolves: RHEL-15869 - crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message - Resolves:...
CVE-2024-2216
A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting futu...
CVE-2024-2216
CVE-2024-2216 affects the Jenkins docker-build-step Plugin (versions 2.11 and earlier). The issue is a missing permission check on an HTTP endpoint, allowing attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL and to reconfigure the plugin using the p...
Amazon Linux 2 : tomcat (ALAS-2023-2216)
The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2216 advisory. A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some...
Oracle Linux 9 : gdk-pixbuf2 (ELSA-2023-2216)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2216 advisory. - Backport fixes for CVE-2021-46829 and CVE-2021-44648 Tenable has extracted the preceding description block directly from the Oracle Linux security...
RHEL 9 : gdk-pixbuf2 (RHSA-2023:2216)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2216 advisory. The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by...
CVE-2023-2216

| creationtimestamp | type | source |
|---|---|---|
| 2023-04-21 14:41:52+00:00 | seen | https://t.me/cibsecurity/62585... |

CVE-2023-2216
CVE-2023-2216 affects Campcodes Coffee Shop POS System v1.0. The vulnerability is in an unknown functionality of /classes/Users.php where manipulating the firstname parameter triggers cross-site scripting. Attacks can be launched remotely and the exploit has been publicly disclosed. No patch/vers...
SUSE SLES15 Security Update : kernel (Live Patch 16 for SLE 15 SP3) (SUSE-SU-2022:2216-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2216-1 advisory. - Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and...
CVE-2022-2216

| creationtimestamp | type | source |
|---|---|---|
| 2022-06-27 16:34:42+00:00 | seen | https://t.me/cibsecurity/45182 |
| 2023-12-14 12:30:26+00:00 | published-proof-of-concept | https://t.me/thebugbountyhunter/8127... |