CVE-2026-2518

The FastX theme for WordPress is vulnerable to unauthorized limited plugin installation and activation due to missing capability checks on the 'ultpinstallcallback' and 'ultpactivatecallback' functions in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers...

CVE-2026-2518

creationtimestamp| type| source ---|---|--- 2026-05-22 06:28:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmgcljo6n72r...

MiracleLinux 4 : ntp-4.2.6p5-10.1.0.1.AXS4 (AXSA:2016-472:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-472:03 advisory. The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which...

CVE-2019-2518

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multipl...

EUVD-2021-2518

Malware in sbrugna...

Security Bulletin: IBM® Db2® is vulnerable to a denial of service as the server may crash under certain conditions (CVE-2025-2518).

Summary IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. Vulnerability Details CVEID:CVE-2025-2518 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2...

IBM DB2 DoS (7235072/7235073) (Windows)

According to it self-reported version number, IBM Db2 is affected by multiple vulnerabilities. - A denial of service as the server may crash under certain conditions with a specially crafted query. CVE-2025-2518 - An authenticated user to cause a denial of service when using Q replication due to...

CVE-2025-2518

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

CVE-2025-2518

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

CVE-2025-2518 IBM Db2 denial of service

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

CVE-2025-2518

CVE-2025-2518 affects IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) in releases 11.5.0–11.5.9 and 12.1.0–12.1.1, where a specially crafted query may cause the server to crash (DoS). IBM/Security Bulletin notes an interim fix: special build 58840 for V11.5 and V12.1. Upgrading...

CVE-2023-2518

The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape a parameter before outputting it back in the page when the debug option is enabled, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-2518

creationtimestamp| type| source ---|---|--- 2025-03-19 21:02:03+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lkr3embel52p...

CVE-2022-2518

The Stockists Manager for Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.2.1. This is due to missing nonce validation on the stockistsettingsmain function. This makes it possible for unauthenticated attackers to modify the plugin...

Huawei EulerOS: Security Advisory for wget (EulerOS-SA-2024-2518)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : flatpak (ALAS-2024-2518)

The version of flatpak installed on the remote host is prior to 1.0.9-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2518 advisory. Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properl...

CVE-2024-2518 MAGESH-K21 Online-College-Event-Hall-Reservation-System book_history.php cross site scripting

A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as problematic. This issue affects some unknown processing of the file bookhistory.php. The manipulation of the argument id leads to cross site scripting. The attack may be initiated remotely...

CVE-2024-2518 MAGESH-K21 Online-College-Event-Hall-Reservation-System book_history.php cross site scripting

A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as problematic. This issue affects some unknown processing of the file bookhistory.php. The manipulation of the argument id leads to cross site scripting. The attack may be initiated remotely...

CVE-2024-2518

The CVE-2024-2518 entry concerns MAGESH-K21 Online-College-Event-Hall-Reservation-System v1.0. A reflected Cross-Site Scripting flaw exists in the book_history.php file where manipulating the id parameter enables script execution in a victim’s browser. Some sources state the attack could be initi...

CVE-2024-2518

creationtimestamp| type| source ---|---|--- 2024-03-15 21:01:17+00:00| seen| https://t.me/ctinow/209121 2024-03-16 14:21:40+00:00| seen| https://t.me/ctinow/209554 2024-03-16 14:26:50+00:00| seen| https://t.me/ctinow/209561 2025-02-14 17:11:08+00:00| published-proof-of-concept|...