CVE-2026-2249

creationtimestamp| type| source ---|---|--- 2026-02-11 22:10:05+00:00| seen| https://gist.github.com/alon710/486f5c665017dfbf71e0cfe52d4c4965 2026-02-12 08:16:33+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3menkhndbv22h...

CVE-2019-2249

Kernel can do a memory read from arbitrary address passed by user during execution of a syscall in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9205, MDM9650, QCA8081,...

CVE-2021-2249

Vulnerability in the Oracle Landed Cost Management product of Oracle E-Business Suite component: Shipment Workbench. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...

CVE-2005-2249

Multiple unknown vulnerabilities in Jinzora 2.0.1 have unknown impact and attack vectors, possibly involving a PHP file inclusion vulnerability...

CVE-2010-2249 affecting package syslinux for versions less than libpng-1.2.44

CVE-2010-2249 affecting package syslinux for versions less than libpng-1.2.44. A patched version of the package is available...

CVE-2025-2249

The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sojsoundslidesoptionssubpanel function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Contributor-level access and...

CVE-2025-2249

The SoJ SoundSlides WordPress plugin (versions

CVE-2025-2249

creationtimestamp| type| source ---|---|--- 2025-03-29 04:00:06+00:00| published-proof-of-concept| Telegram/yCF7WZfcWyZgFovIoZAzXPmTHFRJxtDYTgLS7FkwxiTPY0 2025-03-29 07:28:40+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9535 2025-03-29 08:00:08+00:00|...

Exploit for CVE-2025-2249

🔐 WordPress SoJ SoundSlides Plugin ⚠️ DISCLAIMER: This ex...

CVE-2022-2249

Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. This issue affects Communication Manager versions 8.0.0.0 through 8.1.3.3 and 10.1.0.0...

CGA-928M-682H-2249

Bulletin has no description...

CVE-2024-2249

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LinkWrapper attribute found in several widgets in all versions up to, and including, 1.3.7.4 due to insufficient input sanitization and output escaping the user supplied attribute. Th...

CVE-2024-2249

CVE-2024-2249: LA-Studio Element Kit for Elementor on WordPress is susceptible to Stored Cross-Site Scripting via the LinkWrapper attribute in several widgets, up to and including version 1.3.7.4. Root cause: insufficient input sanitization and output escaping of user-supplied attributes. Impact:...

Amazon Linux 2 : libxml2 (ALAS-2023-2249)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2249 advisory. Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement function at /libxml2/SAX2.c...

WordPress wpForo Forum Plugin <= 2.1.7 is vulnerable to Local File Inclusion

Software wpForo Forum Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2023-2249 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 1bcd08b1a273 Credits Hamed Required privilege Subscriber Publishe...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Gvectors Wpforo_Forum

Original Proof of Concept for CVE-2023-2249 - Proof of Concep...

CVE-2023-2249 wpForo Forum <= 2.1.7 - Authenticated (Subscriber+) Local File Include, Server-Side Request Forgery, and PHAR Deserialization via file_get_contents

The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forgery, and PHAR Deserialization in versions up to, and including, 2.1.7. This is due to the insecure use of filegetcontents without appropriate verification of the data being supplied to the function...

CVE-2023-2249

CVE-2023-2249 concerns wpForo Forum (WordPress) up to version 2.1.7. The vulnerability stems from insecure use of PHP file_get_contents, enabling Local File Inclusion, Server-Side Request Forgery, and PHAR deserialization. Authenticated attackers with minimal privileges (e.g., subscriber) can rea...

CVE-2023-2249 wpForo Forum <= 2.1.7 - Authenticated (Subscriber+) Local File Include, Server-Side Request Forgery, and PHAR Deserialization via file_get_contents

The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forgery, and PHAR Deserialization in versions up to, and including, 2.1.7. This is due to the insecure use of filegetcontents without appropriate verification of the data being supplied to the function...

AlmaLinux 9 : xorg-x11-server-Xwayland (ALSA-2023:2249)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:2249 advisory. - A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function GetCountedString of the file xkb/xkb.c...