CVE-2026-2449

creationtimestamp| type| source ---|---|--- 2026-04-14 12:48:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjhg3rxp4d2m 2026-04-14 13:15:45+00:00| published-proof-of-concept| Telegram/cLVBfu0wN-KDy7vSZP2Uw7mBDsIGZ8mzZODmv4ph0BNeQs...

CVE-2026-2449

Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...

CVE-2026-2449

Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...

RHEL 8 : iperf3 (RHSA-2026:2449)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:2449 advisory. Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, a...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2025-2449)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2016-2449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - services/camera/libcameraservice/device3/Camera3Device.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before...

CVE-2022-2449

The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 does not perform CSRF checks for any of its AJAX actions, allowing an attackers to trick logged in users to perform various actions on their behalf on the site...

CVE-2025-2449

NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the target must visit ...

CVE-2025-2449

NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the target must visit ...

CVE-2025-2449

CVE-2025-2449 concerns NI FlexLogger, specifically the usiReg URI file parsing component. The vulnerability arises from insufficient validation of a user-supplied path before file operations, enabling a path traversal that can lead to remote code execution in the context of the current user. Expl...

CVE-2025-2449

creationtimestamp| type| source ---|---|--- 2025-03-17 04:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-146/...

Huawei EulerOS: Security Advisory for orc (EulerOS-SA-2024-2449)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-2449 LoadMaster Cross-Site Request Forgery (CSRF)

A cross-site request forgery vulnerability has been identified in LoadMaster. It is possible for a malicious actor, who has prior knowledge of the IP or hostname of a specific LoadMaster, to direct an authenticated LoadMaster administrator to a third-party site. In such a scenario, the CSRF...

CVE-2024-2449 LoadMaster Cross-Site Request Forgery (CSRF)

A cross-site request forgery vulnerability has been identified in LoadMaster. It is possible for a malicious actor, who has prior knowledge of the IP or hostname of a specific LoadMaster, to direct an authenticated LoadMaster administrator to a third-party site. In such a scenario, the CSRF...

GHSA-2449-JMFC-GC7F

creationtimestamp| type| source ---|---|--- 2024-03-01 21:16:41+00:00| seen| https://t.me/ctinow/197990...

CVE-2023-2449

The CVE-2023-2449 issue concerns the WordPress UserPro plugin. Concrete details from connected sources show that versions up to 5.1.1 are affected by an unauthorized password-reset flaw due to the plugin using plaintext reset keys (userpro_process_form) instead of a hashed value, enabling misuse ...

WordPress UserPro 5.1.x Password Reset / Authentication Bypass / Privilege Escalation Vulnerability

WordPress UserPro plugin versions 5.1.1 and below suffer from an insecure password reset mechanism, information disclosure, and authentication bypass vulnerabilities. Versions 5.1.4 and below suffer from privilege escalation and shortcode execution vulnerabilities. Vulnerability Details & Technic...

WordPress UserPro 5.1.x Password Reset / Authentication Bypass / Escalation

Vulnerability Details & Technical Analysis Password Reset to Privilege Escalation using the Sensitive Information Disclosure via Shortcode Description: UserPro = 5.1.1 – Insecure Password Reset Mechanism Affected Plugin: UserPro Plugin Slug: userpro Affected Versions: = 5.1.1 CVE ID: CVE-2023-244...

WordPress Userpro Plugin <= 5.1.1 is vulnerable to Broken Authentication

Software Userpro Type Plugin Vulnerable versions = 5.1.1 Fixed in 5.1.2 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2023-2449 Patch priority Low CVSS severity Low 9.8 Developer Claim ownership PSID 2a8ccae82ed6 Credits István Márton...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2449)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...