69 matches found

OSV
added 2026/05/11 2:4 p.m. | 3 views

MINI-GHWR-2395-Q5W7

Bulletin has no description...

CVSS 7.5 | AI score 5.7 | EPSS 0.00022
Exploits: 0

EUVD
added 2026/01/13 12:30 a.m. | 1 view

EUVD-2026-2395

EUVD-2026-2395...

CVSS 6.8 | AI score 6.4 | EPSS 0.00087
Exploits: 0 | References: 5

Circl
added 2025/03/17 6:40 a.m. | 4 views

CVE-2025-2395

creationtimestamp | type | source
---|---|---
2025-03-17 06:40:15+00:00 | seen | https://bsky.app/profile/cyberalerts.bsky.social/post/3lkkkbsyv2v2v
2025-03-17 07:48:28+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114176668990422188
2025-03-17 08:00:53+00:00 | seen | ...

CVSS 9.8 | AI score 4.8 | EPSS 0.01231
Exploits: 0 | References: 7

Vulnrichment
added 2025/03/17 5:51 a.m. | 8 views

CVE-2025-2395 e-Excellence U-Office Force - Improper Authentication

The U-Office Force from e-Excellence has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to use a particular API and alter cookies to log in as an administrator...

CVSS 9.8 | AI score 9.6 | EPSS 0.01231
Exploits: 0 | References: 2

Tenable Nessus
added 2025/03/03 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2005-2395

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause...

CVSS 5 | AI score 5.5 | EPSS 0.00722
Exploits: 1 | References: 2

RedhatCVE
added 2025/02/05 2:12 a.m. | 5 views

CVE-2024-2395

The Bulgarisation for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.14. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attackers to generate and delete...

CVSS 7.3 | AI score 6.5 | EPSS 0.00059
Exploits: 0 | References: 1

OpenVAS
added 2024/09/12 12:0 a.m. | 19 views

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2024-2395)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.1 | AI score 9.4 | EPSS 0.02606
Exploits: 0 | References: 2

Circl
added 2024/03/12 11:26 p.m. | 2 views

CVE-2024-2395

creationtimestamp | type | source
---|---|---
2024-03-12 23:26:13+00:00 | seen | https://t.me/ctinow/206262
2024-03-12 23:26:23+00:00 | seen | https://t.me/ctinow/206269...

CVSS 7.3 | AI score 8.7 | EPSS 0.00059
Exploits: 0 | References: 2

NVD
added 2024/03/12 10:15 p.m. | 9 views

CVE-2024-2395

The Bulgarisation for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.14. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attackers to generate and delete...

CVSS 7.3 | AI score 6.8 | EPSS 0.00059
Exploits: 0 | References: 2

OSV
added 2024/03/12 10:15 p.m. | 0 views

CVE-2024-2395

The Bulgarisation for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.14. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attackers to generate and delete...

CVSS 4.3 | AI score 5.7
Exploits: 0 | References: 2

CVE
added 2024/03/12 9:34 p.m. | 60 views

CVE-2024-2395

CVE-2024-2395 : Bulgarisation for WooCommerce (WordPress) is affected by a CSRF vulnerability due to missing/incorrect nonce validation in multiple functions, enabling unauthenticated attackers to forge requests to generate/delete labels if a site admin is induced to click a link. This vulnerabil...

CVSS 7.3 | AI score 8.9 | EPSS 0.00059
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack
added 2024/03/12 12:0 a.m. | 7 views

WordPress Bulgarisation for WooCommerce Plugin <= 3.0.14 is vulnerable to Cross Site Request Forgery (CSRF)

Software: Bulgarisation for WooCommerce; Type: Plugin; Vulnerable versions: <= 3.0.14; Fixed in: 3.0.15; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-2395; Patch priority: Low; CVSS severity: Low (4.3); PSID: 5e6cd7edc42d; Credits...

CVSS 7.3 | AI score 6.7 | EPSS 0.00059
Exploits: 0 | References: 3 | Affected Software: 1

Tenable Nessus
added 2024/01/09 12:0 a.m. | 24 views

Amazon Linux 2 : dmidecode (ALAS-2024-2395)

The version of dmidecode installed on the remote host is prior to 3.2-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2395 advisory. Dmidecode before 3.5 allows --dump-bin to overwrite a local file. This has security relevance because, for example, execution of...

CVSS 7.1 | AI score 6.3 | EPSS 0.00047
Exploits: 1 | References: 4

NVD
added 2023/04/28 10:15 p.m. | 13 views

CVE-2023-2395

A vulnerability classified as problematic has been found in Netgear SRX5308 up to 4.3.5-3. This affects an unknown part of the component Web Management Interface. The manipulation of the argument Login.userAgent leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVSS 6.1 | AI score 4.7 | EPSS 0.00356
Exploits: 1 | References: 3

CVE
added 2023/04/28 9:31 p.m. | 41 views

CVE-2023-2395

Summary of CVE-2023-2395 : Netgear SRX5308 Web Management Interface is vulnerable to cross-site scripting via manipulation of the Login.userAgent parameter. Affected: Netgear SRX5308 up to version 4.3.5-3. The issue originates in input handling of the userAgent field within the Web Management UI ...

CVSS 6.1 | AI score 5 | EPSS 0.00356
Exploits: 1 | References: 3 | Affected Software: 1

SUSE CVE
added 2023/02/15 6:17 a.m. | 1 view

SUSE CVE-2005-2395

Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause credentials to be sent in plaintext even if an encrypted channel is available...

CVSS 5 | AI score 7 | EPSS 0.00722
Exploits: 1 | References: 3

Circl
added 2022/08/08 6:23 p.m. | 1 view

CVE-2022-2395

creationtimestamp | type | source
---|---|---
2022-08-08 18:23:50+00:00 | seen | https://t.me/cibsecurity/47738...

CVSS 4.8 | AI score 4.9 | EPSS 0.00218
Exploits: 2 | References: 1

ATTACKERKB
added 2022/08/08 2:15 p.m. | 1 view

CVE-2022-2395

The weForms WordPress plugin before 1.6.14 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

CVSS 4.8 | AI score 5.9 | EPSS 0.00218
Exploits: 2 | References: 2

CVE
added 2022/08/08 1:48 p.m. | 58 views

CVE-2022-2395

The CVE-2022-2395 entry concerns the WordPress weForms plugin (versions prior to 1.6.14). Affected component: plugin settings sanitisation/escaping; root cause: settings are not sanitized or escaped, enabling stored Cross-Site Scripting by high-privilege users (e.g., admins) even when unfiltered_...

CVSS 4.8 | AI score 4.8 | EPSS 0.00218
Exploits: 2 | References: 1 | Affected Software: 1

OpenVAS
added 2022/07/14 12:0 a.m. | 15 views

SUSE: Security Advisory (SUSE-SU-2022:2395-1)

The remote host is missing an update for the...

CVSS 7.8 | AI score 7.6 | EPSS 0.00129
Exploits: 0 | References: 2