CVE-2026-2376

A flaw was found in mirror-registry where an authenticated user can trick the system into accessing unintended internal or restricted systems by providing malicious web addresses. When the application processes these addresses, it automatically follows redirects without verifying the final...

EUVD-2026-2376

Due to a Missing Authorization Check vulnerability in Application Server ABAP and ABAP Platform, an authenticated attacker could misuse an RFC function to execute form routines FORMs in the ABAP system. Successful exploitation could allow the attacker to write or modify data accessible via FORMs...

CVE-2014-2376

creationtimestamp| type| source ---|---|--- 2025-10-13 23:15:47+00:00| seen| Telegram/ZNfCEfGJeWlhNfiLLAK7qKUcwQDwoIemIfudVmC3sYWyofQ...

EUVD-2021-2376

Malware in sbrugna...

CVE-2002-2376

Cross-site scripting XSS vulnerability in E-Guestsign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the 1 full name, 2 email, 3 homepage, and 4 location parameters. NOTE: this issue might overlap CVE-2005-1605...

CVE-2025-2376

creationtimestamp| type| source ---|---|--- 2025-03-17 12:47:37+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7760 2025-03-17 13:13:02+00:00| seen| https://infosec.exchange/users/vuldb/statuses/114177945268984862 2025-03-17 14:00:26+00:00| published-proof-of-concept|...

CVE-2025-2376

A vulnerability has been found in viames Pair Framework up to 1.9.11 and classified as critical. Affected by this vulnerability is the function getCookieContent of the file /src/UserRemember.php of the component PHP Object Handler. The manipulation of the argument cookieName leads to...

CVE-2025-2376 viames Pair Framework PHP Object UserRemember.php getCookieContent deserialization

A vulnerability has been found in viames Pair Framework up to 1.9.11 and classified as critical. Affected by this vulnerability is the function getCookieContent of the file /src/UserRemember.php of the component PHP Object Handler. The manipulation of the argument cookieName leads to...

CVE-2025-2376 viames Pair Framework PHP Object UserRemember.php getCookieContent deserialization

A vulnerability has been found in viames Pair Framework up to 1.9.11 and classified as critical. Affected by this vulnerability is the function getCookieContent of the file /src/UserRemember.php of the component PHP Object Handler. The manipulation of the argument cookieName leads to...

CVE-2025-2376

Affected product : viames Pair Framework (up to 1.9.11). Vulnerability : The function getCookieContent in /src/UserRemember.php (PHP Object Handler) deserializes data from a cookie after manipulating the cookieName argument, enabling remote exploitation. Impact : Deserialization of untrusted data...

Linux Distros Unpatched Vulnerability : CVE-2016-2376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result...

CVE-2024-2376 WPQA < 6.1.1 - Arbitrary Category and Tag Follow/Unfollow via CSRF

The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

CVE-2024-2376 WPQA < 6.1.1 - Arbitrary Category and Tag Follow/Unfollow via CSRF

The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

WordPress WPQA - Builder forms Addon Plugin < 6.1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software WPQA - Builder forms Addon Type Plugin Vulnerable versions 6.1.1 Fixed in 6.1.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-2376 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 77943f96c05b Credits Bob Matyas...

CGA-2376-PH65-54MP

Bulletin has no description...

Amazon Linux 2 : openssh (ALAS-2023-2376)

The version of openssh installed on the remote host is prior to 7.4p1-22. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2376 advisory. AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A...

CVE-2023-2376

creationtimestamp| type| source ---|---|--- 2023-04-28 20:27:27+00:00| seen| https://t.me/cibsecurity/63079...

CVE-2023-2376

CVE-2023-2376 affects Ubiquiti EdgeRouter X (up to 2.0.9-hotfix.6). The Web Management Interface’s dpi argument is exploitable via a remote command-injection vulnerability. The issue is publicly disclosed and affects the affected product as described in multiple sources (NVD, CVE record, etc.). A...

SUSE CVE-2011-2376

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

CVE-2022-2376

creationtimestamp| type| source ---|---|--- 2022-09-05 16:12:11+00:00| seen| https://t.me/cibsecurity/49285 2024-11-25 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-11-25 2024-11-28 00:00:00+00:00| exploited| The Shadowserver...