
78 matches found

RedhatCVE
added 2026/03/26 3:8 p.m. | 2 views

CVE-2026-2458

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to properly validate team membership when searching channels which allows a removed team member to enumerate all public channels within a private team via the channel search API endpoint. Mattermost Advisory ID:...

CVSS 4.3 | AI score 5.8 | EPSS 0.0004
Exploits: 0 | References: 1
OSV
added 2026/03/16 2:19 p.m. | 0 views

CVE-2026-2458

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to properly validate team membership when searching channels which allows a removed team member to enumerate all public channels within a private team via the channel search API endpoint. Mattermost Advisory ID:...

CVSS 4.3 | AI score 5.9
Exploits: 0 | References: 1
Circl
added 2026/02/16 12:0 a.m. | 1 view

CVE-2026-2458

creationtimestamp | type | source
---|---|---
2026-02-16 00:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0173/...

CVSS 4.3 | AI score 5.7 | EPSS 0.0004
Exploits: 0 | References: 1
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2020-2458

Malware in sbrugna...

CVSS 6.8 | AI score 6.8 | EPSS 0.09389
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2025-2458

Malicious code in bioql PyPI...

CVSS 7.8 | AI score 9 | EPSS 0.00349
Exploits: 0 | References: 2
RedhatCVE
added 2025/05/23 1:50 a.m. | 5 views

CVE-2023-2458

Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. Chromium security severity: High...

CVSS 8.8 | AI score 7.2 | EPSS 0.00548
Exploits: 0 | References: 1
Patchstack
added 2024/04/08 12:0 a.m. | 6 views

WordPress Powerkit Plugin <= 2.9.1 is vulnerable to Cross Site Scripting (XSS)

Software: Powerkit; Type: Plugin; Vulnerable versions: = 2.9.1; Fixed in: 2.9.2; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-2458; Patch priority: Low; CVSS severity: Low (6.5); PSID: 5e0fc29651eb; Credits: Francesco Carlucci; Required...

CVSS 6.4 | AI score 5.8 | EPSS 0.00102
Exploits: 0 | References: 3 | Affected Software: 1
NVD
added 2024/04/06 8:15 a.m. | 7 views

CVE-2024-2458

The Powerkit – Supercharge your WordPress Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.9.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

CVSS 6.4 | AI score 5.7 | EPSS 0.00102
Exploits: 0 | References: 2
Tenable Nessus
added 2024/02/19 12:0 a.m. | 45 views

Amazon Linux 2 : amazon-ssm-agent (ALAS-2024-2458)

The version of amazon-ssm-agent installed on the remote host is prior to 3.2.2222.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2458 advisory. 2024-04-24: CVE-2023-49568 was added to this advisory. 2024-02-29: CVE-2023-39326 was added to this advisory...

CVSS 9.8 | AI score 7.1 | EPSS 0.04027
Exploits: 0 | References: 10
OpenVAS
added 2023/07/31 12:0 a.m. | 6 views

Huawei EulerOS: Security Advisory for tpm2-tss (EulerOS-SA-2023-2458)

The remote host is missing an update for the Huawei EulerOS...

CVSS 6.4 | AI score 6.9 | EPSS 0.00036
Exploits: 1 | References: 2
Tenable Nessus
added 2023/05/15 12:0 a.m. | 52 views

Oracle Linux 9 : kernel (ELSA-2023-2458)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2458 advisory. - A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of...

CVSS 8.8 | AI score 4.7 | EPSS 0.0088
Exploits: 13 | References: 40
Circl
added 2023/05/12 10:27 p.m. | 1 view

CVE-2023-2458

creationtimestamp | type | source
---|---|---
2023-05-12 22:27:08+00:00 | seen | https://t.me/cibsecurity/64055...

CVSS 8.8 | AI score 8 | EPSS 0.00548
Exploits: 0 | References: 1
NVD
added 2023/05/12 6:15 p.m. | 21 views

CVE-2023-2458

Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. Chromium security severity: High...

CVSS 8.8 | AI score 9.2 | EPSS 0.00548
Exploits: 0 | References: 2
OSV
added 2023/05/12 6:15 p.m. | 0 views

CVE-2023-2458

Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. Chromium security severity: High...

CVSS 8.8 | AI score 7.3 | EPSS 0.00548
Exploits: 0 | References: 2
CVE
added 2023/05/12 5:36 p.m. | 70 views

CVE-2023-2458

CVE-2023-2458 describes a use-after-free in ChromeOS Camera within Google Chrome on ChromeOS, prior to 113.0.5672.114, enabling a remote attacker who persuades UI interaction to trigger heap corruption. Connected sources corroborate the same description; no exploit code or live-attack data is pro...

CVSS 8.8 | AI score 9.1 | EPSS 0.00548
Exploits: 0 | References: 2 | Affected Software: 1
NVD
added 2022/08/10 8:15 p.m. | 11 views

CVE-2022-2458

XML external entity injection (XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. The software processes an XML...

CVSS 8.2 | EPSS 0.00486
Exploits: 0 | References: 1
CVE
added 2022/08/09 8:15 p.m. | 2250 views

CVE-2022-2458

CVE-2022-2458 is an XML External Entity (XXE) vulnerability affecting IBM Business Automation Manager/Open Editions (Business Central) and Kie-Server APIs. The weakness arises from processing XML input with external entities due to a weakly configured XML parser, enabling an attacker to cause Ext...

CVSS 8.2 | AI score 8.1 | EPSS 0.00486
Exploits: 0 | References: 1 | Affected Software: 1
Tenable Nessus
added 2021/07/23 12:0 a.m. | 60 views

Oracle Identity Manager (Jul 2021 CPU)

The 11.1.2.2.0, 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0 versions of Identity Manager installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2021 CPU advisory. - Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: Identity...

CVSS 7.6 | AI score 6.9 | EPSS 0.01532
Exploits: 4 | References: 5
CVE
added 2021/07/20 10:45 p.m. | 73 views

CVE-2021-2458

CVE-2021-2458 affects Oracle Fusion Middleware Identity Manager (Identity Console) with affected versions 11.1.2.2.0, 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0. The vulnerability allows a low-privileged, network-accessing attacker to compromise Identity Manager via HTTP, with user interaction requir...

CVSS 7.6 | AI score 7.3 | EPSS 0.00539
Exploits: 0 | References: 1 | Affected Software: 1
OpenVAS
added 2021/06/09 12:0 a.m. | 25 views

SUSE: Security Advisory (SUSE-SU-2013:1257-1)

The remote host is missing an update for the...

CVSS 10 | AI score 8.4 | EPSS 0.9322
Exploits: 32 | References: 5