CVE-2026-2491 Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability

Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2026-2491

creationtimestamp| type| source ---|---|--- 2026-02-25 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-26-129/...

MiracleLinux 8 : emacs-26.1-10.el8.2 (AXSA:2023-6141:08)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6141:08 advisory. emacs: Regression of CVE-2023-28617 fixes in the Asianux Server CVE-2023-2491 Tenable has extracted the preceding description block directly from the...

CVE-2025-2491

A vulnerability classified as problematic has been found in Dromara ujcms 9.7.5. This affects the function update of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFileTemplateController.java of the component Edit Template File Page. The manipulation leads to cross site scripting. It is...

CVE-2025-2491

creationtimestamp| type| source ---|---|--- 2025-03-18 17:44:25+00:00| seen| https://t.me/cvedetector/20586 2025-03-18 18:13:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkobicz4ci2k...

CVE-2025-2491

A vulnerability classified as problematic has been found in Dromara ujcms 9.7.5. This affects the function update of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFileTemplateController.java of the component Edit Template File Page. The manipulation leads to cross site scripting. It is...

CVE-2025-20633

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00400889; Issue ID: MSV-2491...

CVE-2025-20633

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00400889; Issue ID: MSV-2491...

CVE-2025-20633

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00400889; Issue ID: MSV-2491...

CVE-2025-20633

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00400889; Issue ID: MSV-2491...

PT-2025-4152 · Mediatek · Mt7615 +3

Name of the Vulnerable Software and Affected Versions: MediaTek MT7603/MT7615/MT7622/MT7915 versions up to 7.4.0.1 Description: In the WLAN AP driver, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent code execution with no...

Oracle Siebel CRM (July 2014 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2014 CPU advisory. - Vulnerability in the Siebel Travel & Transportation component of Oracle Siebel CRM subcomponent: Diary. Supported versions that are affected are...

WordPress PowerPack Addons for Elementor Plugin <= 2.7.17 is vulnerable to Cross Site Scripting (XSS)

Software PowerPack Addons for Elementor Type Plugin Vulnerable versions = 2.7.17 Fixed in 2.7.18 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2491 Patch priority Low CVSS severity Low 6.5 Developer IdeaBox Creations PSID e7ac7cb26530 Credits wesle...

CVE-2024-2491

Technical details about CVE-2024-2491 are not provided in the supplied documents. Please monitor for official advisories for affected versions, impact, and fixes.

CVE-2024-2491 PowerPack Addons for Elementor <= 2.7.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via *_html_tag*

The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the htmltag attribute of multiple widgets in all versions up to, and including, 2.7.17 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

Amazon Linux 2 : microcode_ctl (ALAS-2024-2491)

The version of microcodectl installed on the remote host is prior to 2.1-47. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2491 advisory. Non-transparent sharing of return predictor targets between contexts in some Intel Processors may allow an authorized...

SUSE CVE-2023-2491

A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise...

SUSE: Security Advisory (SUSE-SU-2023:2491-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 8 : emacs (ELSA-2023-3104)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3104 advisory. 1:26.1-10.2 - Bump release 1:26.1-10.1 - Bump release 1:26.1-10 - Fix ob-latex.el command injection vulnerability 2180586 1:26.1-9 - Fix MH-E mail composition...

AlmaLinux 8 : emacs (ALSA-2023:3104)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3104 advisory. - A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the org- babel-execute:latex function in ob-latex.el can result in...