RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2020:2218)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2218 advisory. - containers/image: Container images read entire image manifest into memory CVE-2020-1702 Note that Nessus has not tested for this issue but...

CVE-2018-2218

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none...

EUVD-2026-2218

A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI...

CVE-2019-2218

In createSessionInternal of PackageInstallerService.java, there is a possible improper permission grant due to a missing permission check. This could lead to local escalation of privilege by installing malicious packages with User execution privileges needed. User interaction is not needed for...

EUVD-2009-2218

Malware in sbrugna...

CVE-2010-2218

Adobe Flash Media Server FMS before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service via unspecified vectors, related to a "JS method issue."...

CVE-2025-2218

creationtimestamp| type| source ---|---|--- 2025-03-12 16:41:19+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7338...

CVE-2025-2218 LoveCards LoveCardsV2 Setting other access control

A vulnerability has been found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. This vulnerability affects unknown code of the file /api/system/other of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The...

CVE-2024-2218

The LuckyWP Table of Contents WordPress plugin through 2.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-2218 LuckyWP Table of Contents <= 2.1.4 - Admin+ Stored XSS

The LuckyWP Table of Contents WordPress plugin through 2.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-2218 LuckyWP Table of Contents <= 2.1.4 - Admin+ Stored XSS

The LuckyWP Table of Contents WordPress plugin through 2.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress LuckyWP Table of Contents Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS)

Software LuckyWP Table of Contents Type Plugin Vulnerable versions = 2.1.5 Fixed in 2.1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2218 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f253e02e4fa4 Credits Sławomir...

Amazon Linux 2 : amanda (ALAS-2023-2218)

The version of amanda installed on the remote host is prior to 3.3.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2218 advisory. An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The...

CVE-2023-2218

creationtimestamp| type| source ---|---|--- 2023-04-21 14:44:55+00:00| seen| https://t.me/cibsecurity/62588...

CVE-2023-2218

A vulnerability has been found in SourceCodester Task Reminder System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/user/manageuser.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2023-2218 SourceCodester Task Reminder System manage_user.php sql injection

A vulnerability has been found in SourceCodester Task Reminder System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/user/manageuser.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2023-2218

CVE-2023-2218 affects SourceCodester Task Reminder System 1.0, with a vulnerability in the file /admin/user/manage_user.php where the argument id is susceptible to SQL injection. The issue is exploitable remotely and, according to the sources, the exploit has been disclosed publicly. There is no ...

CVE-2022-2218

CVE-2022-2218 describes a stored XSS vulnerability in the parse-url library by ionicabizau, affecting versions prior to 7.0.0. The issue allows an attacker to place malicious JavaScript on a page via the vulnerable parse-url handling. The provided documents confirm the vulnerability but do not sp...

CVE-2021-2218

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Health Center. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterpris...

CVE-2021-2218

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Health Center. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterpris...