CVE-2026-2382

creationtimestamp| type| source ---|---|--- 2026-06-02 09:48:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnccuwk3q324...

MiracleLinux 8 : libsndfile-1.0.28-10.el8.1 (AXSA:2021-2382:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2382:01 advisory. libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution CVE-2021-3246 Tenable has extracted the preceding description block...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002382)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002382 advisory. An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2clearrgrpd and readrindexentry. Tenable has...

EUVD-2026-2382

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network LAN could cause the device to malfunction by sending specially crafted packets to an unpatched device...

MINI-2382-3Q76-8C86

Bulletin has no description...

EUVD-2015-2474

Malware in sbrugna...

CVE-2022-2382

The Product Slider for WooCommerce WordPress plugin before 2.5.7 has flawed CSRF checks and lack authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber to call them. One in particular could allow them to delete arbitrary blog options...

CVE-2002-2382

cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out...

CVE-2025-2382

A vulnerability classified as critical was found in PHPGurukul Online Banquet Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/booking-search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched...

CVE-2025-2382

A vulnerability classified as critical was found in PHPGurukul Online Banquet Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/booking-search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched...

CVE-2025-2382 PHPGurukul Online Banquet Booking System booking-search.php sql injection

A vulnerability classified as critical was found in PHPGurukul Online Banquet Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/booking-search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched...

CVE-2025-2382 PHPGurukul Online Banquet Booking System booking-search.php sql injection

A vulnerability classified as critical was found in PHPGurukul Online Banquet Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/booking-search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched...

CVE-2024-2382 Authorize.net Payment Gateway For WooCommerce <= 8.0 - Insufficient Verification of Data Authenticity to Unauthenticated Payment Bypass

The Authorize.net Payment Gateway For WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 8.0. This is due to the plugin not properly verifying the authenticity of the request that updates a orders payment status. This makes it possible for...

CVE-2024-2382

CVE-2024-2382 affects the Authorize.net Payment Gateway For WooCommerce plugin for WordPress. The root cause is that the plugin does not properly verify the authenticity of the request that updates an order’s payment status, enabling an unauthenticated attacker to set the status to paid and bypas...

CVE-2024-2382 Authorize.net Payment Gateway For WooCommerce <= 8.0 - Insufficient Verification of Data Authenticity to Unauthenticated Payment Bypass

The Authorize.net Payment Gateway For WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 8.0. This is due to the plugin not properly verifying the authenticity of the request that updates a orders payment status. This makes it possible for...

CVE-2023-2382

Netgear SRX5308 Web Management Interface contains a cross-site scripting vulnerability in the endpoint scgi-bin/platform.cgi?page=firewall_logs_email.htm, caused by unsafely handling the sysLogInfo.serverName parameter. Several sources (CVE-2023-2382, CNVD-2023-42976, RH-CVE, CVELIST) confirm rem...

CVE-2022-2382

The CVE-2022-2382 entry affects the WordPress plugin Product Slider for WooCommerce (versions before 2.5.7). The underlying issue is flawed CSRF checks and incomplete authorization in certain AJAX actions, enabling any authenticated user (e.g., a subscriber) to invoke those actions and, in at lea...

CVE-2022-2382 Product Slider for WooCommerce < 2.5.7 - Subscriber+ Arbitrary Options Deletion

The Product Slider for WooCommerce WordPress plugin before 2.5.7 has flawed CSRF checks and lack authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber to call them. One in particular could allow them to delete arbitrary blog options...

CVE-2019-2382

...

CVE-2019-2382

CVE-2019-2382 entry is rejected/not used and does not represent an active vulnerability.