CVE-2026-2515

The Hostinger Reach – AI-Powered Email Marketing for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handleajaxaction' function in all versions up to, and including, 1.3.8. This makes it possible for authenticated...

CVE-2025-2515

creationtimestamp| type| source ---|---|--- 2025-12-24 18:32:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3maqvkfs6d422...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2025-2515)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2017-2515

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-2515

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue...

Linux Distros Unpatched Vulnerability : CVE-2011-2515

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of...

RHEL 6 : packagekit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - PackageKit: installs unsigned RPM packages as though they were signed CVE-2011-2515 Note that Nessus has not tested...

Amazon Linux 2 : python3 (ALAS-2024-2515)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2515 advisory. An issue was found in the CPython zipfile module affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The...

CVE-2024-2515

A vulnerability, which was classified as problematic, has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected by this issue is some unknown functionality of the file home.php. The manipulation of the argument id leads to cross site scripting. The attack may be...

CVE-2024-2515

The CVE-2024-2515 issue affects MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0, specifically a vulnerability in the file home.php where manipulating the id parameter enables a cross-site scripting (XSS) flaw. The attack surface is remote over the network, with no user privileges requ...

CVE-2024-2515 MAGESH-K21 Online-College-Event-Hall-Reservation-System home.php cross site scripting

A vulnerability, which was classified as problematic, has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected by this issue is some unknown functionality of the file home.php. The manipulation of the argument id leads to cross site scripting. The attack may be...

CVE-2024-2515

creationtimestamp| type| source ---|---|--- 2024-03-15 17:56:52+00:00| seen| https://t.me/ctinow/208985 2024-03-16 10:21:51+00:00| seen| https://t.me/ctinow/209465 2024-03-16 10:26:18+00:00| seen| https://t.me/ctinow/209467...

CVE-2023-2515 Privilege escalation to system admin via personal access tokens

Mattermost fails to restrict a user with permissions to edit other users and to create personal access tokens from elevating their privileges to system admin...

CVE-2023-2515 Privilege escalation to system admin via personal access tokens

Mattermost fails to restrict a user with permissions to edit other users and to create personal access tokens from elevating their privileges to system admin...

CVE-2023-2515

Mattermost server vulnerability CVE-2023-2515 involves a failure to restrict a user’s ability to edit other users and to create personal access tokens, enabling privilege escalation to system admin. Connected sources point to the root cause as improper authorization in the createUserAccessToken f...

CVE-2022-2515

The CVE-2022-2515 issue affects the WordPress Simple Banner plugin (versions up to and including 2.11.0). It is a Stored Cross-Site Scripting vulnerability due to insufficient input sanitization and output escaping in the pro_version_activation_code setting. Authenticated attackers (including tho...

CVE-2020-2515

CVE-2020-2515 affects Oracle Database Server’s Database Gateway for ODBC. Affected Oracle versions include 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. The vulnerability enables a low-privilege attacker with Create Session permission and OracleNet network access to read, modify, or delete data expo...

CVE-2011-2515

creationtimestamp| type| source ---|---|--- 2019-11-28 00:31:22+00:00| seen| https://t.me/cibsecurity/8384 2024-02-28 16:41:41+00:00| seen| https://t.me/ctinow/195631...

CVE-2011-2515

PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code...

CVE-2011-2515

PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code...