CVE-2026-2273

CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...

CVE-2026-2273

creationtimestamp| type| source ---|---|--- 2026-03-10 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0254/ 2026-03-19 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-078-03...

MINI-6W5J-5C9F-2273

Bulletin has no description...

MiracleLinux 8 : httpd:2.4 (AXSA:2021-2273:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2273:01 advisory. httpd: modsessioncookie does not respect expiry time CVE-2018-17199 httpd: modproxyuwsgi buffer overflow CVE-2020-11984 httpd: modhttp2 concurrent...

EUVD-2026-2273

In the Linux kernel, the following vulnerability has been resolved: f2fs: invalidate dentry cache on failed whiteout creation F2FS can mount filesystems with corrupted directory depth values that get runtime-clamped to MAXDIRHASHDEPTH. When RENAMEWHITEOUT operations are performed on such...

CVE-2019-2273

IOMMU page fault while playing h265 video file leads to denial of service issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS605, Qualcomm 215,...

CVE-2024-2273

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 3.2.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

Security Bulletin: There is a vulnerability in dojo-1.17.3.js used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2021-23450, CVE-2008-6681, CVE-2010-2273)

Summary There is a vulnerability in dojo-1.17.3.js used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2021-23450 DESCRIPTION: All versions of package dojo are vulnerable to Prototype Pollution via the setObject function. CWE:CWE-1321: Improperly...

CVE-2022-2273

The Simple Membership WordPress plugin before 4.1.3 does not properly validate the membershiplevel parameter when editing a profile, allowing members to escalate to a higher membership level by using a crafted POST request...

CVE-2021-2273

Vulnerability in the Oracle Legal Entity Configurator product of Oracle E-Business Suite component: Create Contracts. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Legal...

CVE-2020-2273

A cross-site request forgery CSRF vulnerability in Jenkins ElasTest Plugin 1.2.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...

CVE-2010-2273

Multiple cross-site scripting XSS vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to...

CVE-2013-2273

bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 through 0.6.5 before 0.6.5rc1, and 0.7.x before 0.7.3rc1 make it easier for remote attackers to obtain potentially sensitive information about returned change by leveraging certain predictability in th...

CVE-2004-2273

efFingerD 0.2.12 allows remote attackers to cause a denial of service daemon crash via a packet with a single byte, which triggers a "Wrong protocol or connection state" error...

openSUSE: Security Advisory for podman (SUSE-SU-2024:2273-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-2273

CVE-2024-2273 affects Gutenberg Blocks by Kadence Blocks – Page Builder Features for WordPress. The flaw is a Stored Cross-Site Scripting (XSS) in multiple parameters due to insufficient input sanitization and output escaping, enabling an attacker with at least contributor privileges to inject we...

CVE-2024-2273 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.34 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 3.2.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

WordPress Gutenberg Blocks by Kadence Blocks Plugin <= 3.2.34 is vulnerable to Cross Site Scripting (XSS)

Software Gutenberg Blocks by Kadence Blocks Type Plugin Vulnerable versions = 3.2.34 Fixed in 3.2.35 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2273 Patch priority Low CVSS severity Low 6.5 Developer KadenceWP PSID 71d6e3031eb0 Credits Dau Hoang...

CVE-2023-2273 Rapid7 Insight Agent Directory Traversal

Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path. This can result in a Path Traversal vulnerability and allow an attacker to write...

CVE-2023-2273

CVE-2023-2273 affects Rapid7 Insight Agent (token handler) versions ≤ 3.2.6. The issue is a Directory Traversal where an unsanitized CLI argument flows into io.ioutil.WriteFile and is used as a path, enabling an attacker to write arbitrary files. Remediation: upgrade to version 3.3.0, which adds ...