CVE-2026-2237

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...

CVE-2026-2237

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...

CVE-2026-2237

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...

CVE-2026-2237

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...

CVE-2019-2237

Failure in taking appropriate action to handle the error case If keypad gpio deactivation fails leads to silent failure scenario and subsequent logic gets executed everytime in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

CVE-2005-2237

Format string vulnerability in the swcons command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via long command line arguments...

WordPress WP RealEstate plugin <= 1.6.26 - Authentication Bypass via 'process_register' vulnerability

Authentication Bypass via 'processregister' vulnerability discovered by Tonn in WordPress Plugin WP RealEstate versions = 1.6.26...

CVE-2025-2237

The WP RealEstate plugin for WordPress, used by the Homeo theme, is vulnerable to privilege escalation in all versions up to, and including, 1.6.26. This is due to insufficient role restrictions in the 'processregister' function. This makes it possible for unauthenticated attackers to register an...

CVE-2025-2237

creationtimestamp| type| source ---|---|--- 2025-04-01 11:34:30+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9872 2025-04-01 12:40:18+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3llqvfgouaa2v 2025-04-01 13:48:33+00:00| seen|...

CVE-2025-2237

CVE-2025-2237 affects WP RealEstate (WordPress plugin) with authentication bypass via process_register in all versions up to 1.6.26, allowing unauthenticated attackers to register as Administrator. Root cause: insufficient role restrictions in the plugin. Impact, as stated by trusted sources: una...

CVE-2025-2237 WP RealEstate <= 1.6.26 - Unauthenticated Privilege Escalation via 'process_register'

The WP RealEstate plugin for WordPress, used by the Homeo theme, is vulnerable to privilege escalation in all versions up to, and including, 1.6.26. This is due to insufficient role restrictions in the 'processregister' function. This makes it possible for unauthenticated attackers to register an...

CVE-2025-2237 WP RealEstate <= 1.6.26 - Unauthenticated Privilege Escalation via 'process_register'

The WP RealEstate plugin for WordPress, used by the Homeo theme, is vulnerable to privilege escalation in all versions up to, and including, 1.6.26. This is due to insufficient role restrictions in the 'processregister' function. This makes it possible for unauthenticated attackers to register an...

CVE-2022-2237

creationtimestamp| type| source ---|---|--- 2025-02-24 20:22:35+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5226...

RHEL 6 : openstack-keystone (RHSA-2014:0580)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0580 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The...

CGA-2237-MQ7R-X77X

Bulletin has no description...

CVE-2024-2237

Summary (CVE-2024-2237) The WordPress plugin “Premium Addons PRO” is reported with a Stored Cross‑Site Scripting flaw in the Global Badge module, affecting versions up to and including 2.9.12. The issue arises from insufficient input sanitization and output escaping, enabling an authenticated att...

Oracle Linux 7 : nss, / nss-softokn, / nss-util, / and / nspr (ELSA-2019-2237)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2237 advisory. nspr 4.21.0-1 - Rebase to NSPR 4.21 nss 3.44.0-4 - Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa 3.44.0-3 ...

CVE-2023-2237

CVE-2023-2237 affects the WordPress plugin WP Replicate Post (WordPress plugin). The vulnerability is an SQL Injection in the post_id parameter, present in versions up to and including 4.0.2, caused by insufficient escaping of user input and inadequate preparation of the SQL query. Exploitation i...

WordPress WP Replicate Post Plugin <= 4.0.2 is vulnerable to SQL Injection

Software WP Replicate Post Type Plugin Vulnerable versions = 4.0.2 Fixed in 4.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-2237 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 93caeb59c55f Credits Marco Wotschka Required privilege Contributor...

CVE-2022-2237

A flaw was found in the Keycloak Node.js Adapter. This flaw allows an attacker to benefit from an Open Redirect vulnerability in the checkSso function...