CVE-2022-2290

creationtimestamp| type| source ---|---|--- 2026-01-30 21:02:55+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mdo7a2hxjf2v...

EUVD-2026-2290

In the Linux kernel, the following vulnerability has been resolved: caif: fix integer underflow in cffrmlreceive The cffrmlreceive function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 from this length without validating that len = 2. If an attacker sends ...

CVE-2021-2290

Vulnerability in the Oracle Engineering product of Oracle E-Business Suite component: Change Management. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2023-2290

A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code...

CVE-2025-2290

creationtimestamp| type| source ---|---|--- 2025-03-19 04:48:47+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8020 2025-03-19 07:57:41+00:00| seen| https://t.me/cvedetector/20624...

openSUSE Security Advisory (SUSE-SU-2024:2290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress Advanced Ads – Ad Manager & AdSense Plugin <= 1.52.1 is vulnerable to PHP Object Injection

Software Advanced Ads – Ad Manager & AdSense Type Plugin Vulnerable versions = 1.52.1 Fixed in 1.52.2 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-2290 Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID 1580e82fdb8d Credits ST Required privilege...

Oracle Linux 9 : mutt (ELSA-2024-2290)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2290 advisory. - Fix for: CVE-2023-4874 CVE-2023-4875 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...

RHEL 9 : mutt (RHSA-2024:2290)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2290 advisory. Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and...

RHEL 7 : memcached (RHSA-2018:2290)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:2290 advisory. memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web...

Oracle Linux 7 : libsolv (ELSA-2019-2290)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2290 advisory. - Fix NULL pointer dereference CVE-2018-20532, CVE-2018-20533 - Fix illegal address access in poolwhatprovides CVE-2018-20534 Tenable has extracted the...

CVE-2023-2290

CVE-2023-2290 affects the Lenovo Flash Device Interface SMI handler (LenovoThinkPad/Lenovo Flash Device Interface component). The vulnerability, described across multiple feeds, allows a user who already has local access and has elevated privileges to execute arbitrary code via the LenovoFlashDev...

CVE-2022-2290

CVE-2022-2290 is a reflected Cross-Site Scripting (XSS) vulnerability in Trilium Notes prior to 0.52.4 and 0.53.1-beta, as disclosed by multiple sources. The issue affects the web interface where user-supplied input can be reflected in the browser without proper sanitization, enabling an attacker...

CVE-2022-2290 Cross-site Scripting (XSS) - Reflected in zadam/trilium

Cross-site Scripting XSS - Reflected in GitHub repository zadam/trilium prior to 0.52.4, 0.53.1-beta...

CVE-2022-2290 Cross-site Scripting (XSS) - Reflected in zadam/trilium

Cross-site Scripting XSS - Reflected in GitHub repository zadam/trilium prior to 0.52.4, 0.53.1-beta...

Oracle Linux 8 : nginx:1.16 (ELSA-2021-2290)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2290 advisory. 1.16.1-2.0.1.1 - Remove Red Hat references Orabug: 29498217 1:1.16.1-2.1 - Resolves: 1963174 - CVE-2021-23017 nginx:1.16/nginx: Off-by-one in ngxresolvercopy wh...

SUSE: Security Advisory (SUSE-SU-2017:2290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-2290

CVE-2021-2290 affects Oracle E-Business Suite Oracle Engineering Change Management; affected versions are 12.1.1–12.1.3 and 12.2.3–12.2.10. The issue allows a low-privileged, network-accessible attacker over HTTP to unauthorizedly create, delete, or modify data, or gain access to all Oracle Engin...

CVE-2021-2290

Vulnerability in the Oracle Engineering product of Oracle E-Business Suite component: Change Management. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2020-2290

CVE-2020-2290 affects Jenkins Active Choices Plugin 2.4 and earlier. The vulnerability arises because some return values of sandboxed scripts for Reactive Reference Parameters (notably List and Map) are not escaped, enabling stored XSS. Exploitation requires Job/Configure permission. The issue is...