EUVD-2026-2270

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2021-2270

Vulnerability in the Oracle Site Hub product of Oracle E-Business Suite component: Sites. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Site Hub. Successful attacks of this...

CVE-2010-2270

Accoria Web Server aka Rock Web Server 1.4.7 uses a predictable httpmod-sessionid cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie...

CVE-2025-2270

The Countdown, Coming Soon, Maintenance – Countdown & Clock plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.9.1 via the createCdObj function. This makes it possible for unauthenticated attackers to include and execute files with the specific...

CVE-2025-2270

CVE-2025-2270 affects the Countdown, Coming Soon, Maintenance – Countdown & Clock WordPress plugin (all versions up to 2.8.9.1). Root cause: Local File Inclusion via createCdObj, enabling unauthenticated file inclusion and potential PHP code execution. Impact reported as code execution and data a...

CVE-2025-2270 Countdown, Coming Soon, Maintenance – Countdown & Clock <= 2.8.9.1 - Unauthenticated Limited Local File Inclusion

The Countdown, Coming Soon, Maintenance – Countdown & Clock plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.9.1 via the createCdObj function. This makes it possible for unauthenticated attackers to include and execute files with the specific...

WordPress Countdown & Clock plugin <= 2.8.9.1 - Unauthenticated Limited Local File Inclusion vulnerability

Unauthenticated Limited Local File Inclusion vulnerability discovered by mikemyers in WordPress Plugin Countdown & Clock versions = 2.8.9.1...

Linux Distros Unpatched Vulnerability : CVE-2016-2270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xen 4.6.x and earlier allows local guest administrators to cause a denial of service host reboot via vectors related to multiple mappings of MMIO pages with...

Linux Distros Unpatched Vulnerability : CVE-2014-2270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service out-of-bounds memory access and crash via crafted...

SUSE SLES12 Security Update : squid (SUSE-SU-2024:2270-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2270-1 advisory. - CVE-2024-37894: Fixed a denial of Service issue in ESI processing bsc1227086 Tenable has extracted the preceding description block directl...

CVE-2024-2270 keerti1924 Online-Book-Store-Website signup.php cross site scripting

A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /signup.php. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The...

CVE-2024-2270

The CVE-2024-2270 entry concerns keerti1924 Online-Book-Store-Website 1.0. A cross-site scripting vulnerability exists in the signup.php file, caused by manipulation of the argument name. The flaw is described as exploitable remotely and the exploit has been disclosed publicly. Multiple connected...

CVE-2024-2270

creationtimestamp| type| source ---|---|--- 2024-03-07 16:12:01+00:00| seen| https://t.me/ctinow/202523 2024-03-08 00:26:58+00:00| seen| https://t.me/ctinow/202907 2024-03-08 00:27:06+00:00| seen| https://t.me/ctinow/202912...

Amazon Linux 2 : webkitgtk4 (ALAS-2023-2270)

The version of webkitgtk4 installed on the remote host is prior to 2.40.5-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2270 advisory. A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4,...

CVE-2023-2270

creationtimestamp| type| source ---|---|--- 2023-06-15 12:36:10+00:00| seen| https://t.me/cibsecurity/65257...

CVE-2023-2270

The Netskope client service running with NT\SYSTEM privileges accepts network connections from localhost to start various services and execute commands. The connection handling function of Netskope client before R100 in this service utilized a relative path to download and unzip configuration fil...

CVE-2023-2270

CVE-2023-2270 affects Netskope client versions prior to R100. The Netskope client service runs with NT\SYSTEM privileges and accepts localhost connections to start services. A local-path handling flaw in the pre-R100 download/unzip of configuration files allowed local users to write arbitrary fil...

Debian: Security Advisory (DLA-145-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K15689: Fine Free file vulnerabilites CVE-2014-1943 and CVE-2014-2270

Security Advisory Description CVE-2014-1943 Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file. CVE-2014-2270 softmagic.c in file before 5.17 and...

SUSE CVE-2005-2270

Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object...