
67 matches found

OSV
added 2026/02/09 10:5 a.m., 2 views

RHSA-2026:2220 Red Hat Security Advisory: thunderbird security update

Bulletin has no description...

CVSS 7.5, AI score 5.1, EPSS 0.00034
Exploits 0, References 79
Tenable Nessus
added 2026/01/19 12:0 a.m., 2 views

MiracleLinux 8 : container-tools:rhel8 (AXSA:2021-2220:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2220:01 advisory. golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652) podman: Remote traffic to rootless containers ...

CVSS 7.5, AI score 8.5, EPSS 0.00134
Exploits 1, References 3
EUVD
added 2026/01/13 12:0 a.m., 4 views

EUVD-2026-2220

In Eptura Archibus 2024.03.01.109, the "Run script" and "Server File" components of the "Database Update Wizard" are vulnerable to directory traversal...

CVSS 7.5, AI score 6.4, EPSS 0.00809
Exploits 2, References 4
RedhatCVE
added 2026/01/09 10:13 a.m., 4 views

CVE-2019-2220

In checkOperation of AppOpsService.java, there is a possible bypass of user interaction requirements due to mishandling application suspend. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...

CVSS 5.5, AI score 6.2, EPSS 0.00015
Exploits 0, References 1
RedhatCVE
added 2025/05/22 7:13 p.m., 5 views

CVE-2021-2220

Vulnerability in the PeopleSoft Enterprise SCM eProcurement product of Oracle PeopleSoft (component: Manage Requisition Status). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

CVSS 5.5, AI score 5.8, EPSS 0.00255
Exploits 0, References 1
RedhatCVE
added 2025/05/22 12:33 p.m., 3 views

CVE-2010-2220

Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service via unspecified vectors, related to an "input validation issue."...

CVSS 5, AI score 6.9, EPSS 0.00994
Exploits 0, References 1
RedhatCVE
added 2025/05/22 11:15 a.m., 3 views

CVE-2013-2220

Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value...

CVSS 7.5, AI score 8.3, EPSS 0.02798
Exploits 1, References 1
RedhatCVE
added 2025/05/21 8:35 p.m., 4 views

CVE-2002-2220

Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors...

CVSS 6.2, AI score 7.3, EPSS 0.00049
Exploits 0, References 1
RedhatCVE
added 2025/03/14 7:1 p.m., 7 views

CVE-2025-2220

A vulnerability was found in Odyssey CMS up to 10.34. It has been classified as problematic. Affected is an unknown function of the file /modules/odyssey_contact_form/odyssey_contact_form.php of the component reCAPTCHA Handler. The manipulation of the argument g-recaptcha-response leads to key...

CVSS 7.8, AI score 6.7, EPSS 0.00044
Exploits 1, References 1
NVD
added 2025/03/12 2:15 a.m., 9 views

CVE-2025-2220

A vulnerability was found in Odyssey CMS up to 10.34. It has been classified as problematic. Affected is an unknown function of the file /modules/odyssey_contact_form/odyssey_contact_form.php of the component reCAPTCHA Handler. The manipulation of the argument g-recaptcha-response leads to key...

CVSS 7.8, EPSS 0.00044
Exploits 1, References 4
Circl
added 2025/03/12 1:41 a.m., 2 views

CVE-2025-2220

creationtimestamp | type | source
---|---|---
2025-03-12 01:41:12+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/7256
2025-08-13 13:26:34+00:00 | seen | MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868...

CVSS 7.8, AI score 4, EPSS 0.00044
Exploits 1, References 1
CVE
added 2025/03/12 1:0 a.m., 52 views

CVE-2025-2220

Odyssey CMS up to version 10.34 is affected by a vulnerability in the reCAPTCHA Handler, specifically in /modules/odyssey_contact_form/odyssey_contact_form.php. The issue arises from manipulating the g-recaptcha-response argument, leading to a key management error. Local access is required to exp...

CVSS 7.8, AI score 4, EPSS 0.00044
Exploits 1, References 4, Affected Software 1
Vulnrichment
added 2025/03/12 1:0 a.m., 7 views

CVE-2025-2220 Odyssey CMS reCAPTCHA odyssey_contact_form.php key management

A vulnerability was found in Odyssey CMS up to 10.34. It has been classified as problematic. Affected is an unknown function of the file /modules/odyssey_contact_form/odyssey_contact_form.php of the component reCAPTCHA Handler. The manipulation of the argument g-recaptcha-response leads to key...

CVSS 4.8, AI score 4, EPSS 0.00044
Exploits 1, References 4
OpenVAS
added 2024/08/21 12:0 a.m., 23 views

Huawei EulerOS: Security Advisory for mod_http2 (EulerOS-SA-2024-2220)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5, AI score 7.8, EPSS 0.87555
Exploits 2, References 2
Vulnrichment
added 2024/05/23 6:0 a.m., 17 views

CVE-2024-2220 Button contact VR <= 4.7 - Admin+ Stored XSS

The Button contact VR WordPress plugin through 4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

AI score 5.8, EPSS 0.00276
Exploits 2, References 1
Patchstack
added 2024/05/23 12:0 a.m., 6 views

WordPress Button contact VR Plugin < 4.7.7 is vulnerable to Cross Site Scripting (XSS)

Software: Button contact VR; Type: Plugin; Vulnerable versions: 4.7.7; Fixed in: 4.7.7; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-2220; Patch priority: Low; CVSS severity: Low (5.9); PSID: 2f62fd31490e; Credits: Dmitrii Ignatyev; Require...

CVSS 3.5, AI score 5.7, EPSS 0.00276
Exploits 2, References 4, Affected Software 1
Tenable Nessus
added 2023/08/23 12:0 a.m., 14 views

Amazon Linux 2 : libgovirt (ALAS-2023-2220)

The version of libgovirt installed on the remote host is prior to 0.3.4-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2220 advisory. Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A...

CVSS 8.8, AI score 8.1, EPSS 0.00384
Exploits 0, References 4
Circl
added 2023/04/21 4:31 p.m., 1 views

CVE-2023-2220

creationtimestamp | type | source
---|---|---
2023-04-21 16:31:46+00:00 | seen | https://t.me/cibsecurity/62598...

CVSS 6.1, AI score 4.7, EPSS 0.00269
Exploits 1, References 1
OSV
added 2023/04/21 12:15 p.m., 2 views

CVE-2023-2220

A vulnerability was found in Dream Technology mica up to 3.0.5. It has been classified as problematic. Affected is an unknown function of the component Form Object Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-226986 is the identifier...

CVSS 6.1, AI score 3.7
Exploits 0, References 3
CVE
added 2023/04/21 11:31 a.m., 39 views

CVE-2023-2220

Dream Technology mica, versions up to 3.0.5, contains an XSS vulnerability in the Form Object Handler that can be triggered remotely. The issue affects an unknown function within that component and is classified as problematic with potential cross-site scripting. Several connected sources corrobo...

CVSS 6.1, AI score 4.8, EPSS 0.00269
Exploits 1, References 3, Affected Software 1