CVE-2026-2529
A security flaw has been discovered in Wavlink WL-WN579A3 up to 20210219. Affected by this issue is the function DeleteMac of the file /cgi-bin/wireless.cgi. The manipulation of the argument deletelist results in command injection. The attack can be executed remotely. The vendor was contacted ear...
CVE-2026-2529 Wavlink WL-WN579A3 wireless.cgi DeleteMac command injection
A security flaw has been discovered in Wavlink WL-WN579A3 up to 20210219. Affected by this issue is the function DeleteMac of the file /cgi-bin/wireless.cgi. The manipulation of the argument deletelist results in command injection. The attack can be executed remotely. The vendor was contacted ear...
RHEL 8 : spice-client-win (RHSA-2026:2529)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2529 advisory. Spice client MSI installers for Windows clients Security Fixes: libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer...
EUVD-2026-2529
The PayHere Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to an improper validation logic in the checkpayhereresponse function in all versions up to, and including, 2.3.9. This makes it possible for unauthenticated attackers to...
CVE-2025-2529
Applications using affected versions of Ehcache 3.x can experience degraded cache-write performance if the application using Ehcache utilizes keys sourced from malicious external parties in an unfiltered/unsalted way...
Security Bulletin: Ehcache library of IBM Terracotta hash flooding DoS vulnerability
Summary The Ehcache 3.x component library of IBM Terracotta was found to have a hash flooding DoS vulnerability that can affect applications that use cache keys directly sourced from end users. Vulnerability Details CVEID:CVE-2025-2529 DESCRIPTION: Applications using affected versions of Ehcache...
CVE-2023-2529
The Enable SVG Uploads WordPress plugin through 2.1.5 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
Linux Distros Unpatched Vulnerability : CVE-2010-2529
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and 20100214 on Mandriva Linux allows remote attackers to cause a denial of service...
GHSA-F537-2529-5PF3
| creationtimestamp | type | source |
|---|---|---|
| 2025-01-26 10:06:16+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/3128... |
CGA-2529-M92C-7G9F
Bulletin has no description...
CentOS 6 : tomcat6 (RHSA-2020:2529)
The remote CentOS Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2529 advisory. - When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the...
RHEL 5 : iputils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - iputils: denial of service vulnerability in ping CVE-2010-2529 Note that Nessus has not tested for this issue but h...
RHEL 4 : iputils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - iputils: denial of service vulnerability in ping CVE-2010-2529 Note that Nessus has not tested for this issue but h...
RHEL 3 : iputils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 3 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - iputils: denial of service vulnerability in ping CVE-2010-2529 Note that Nessus has not tested for this issue but h...
VulnCheck KEV: CVE-2006-2529
editor/filemanager/upload/php/upload.php in FCKeditor before 2.3 Beta, when the upload feature is enabled, does not verify the Type parameter, which allows remote attackers to upload arbitrary file types. NOTE: It is not clear whether this is related to CVE-2006-0658...
CVE-2024-2529
The CVE-2024-2529 entry concerns MAGESH-K21 Online-College-Event-Hall-Reservation-System v1.0, with a vulnerability in /admin/rooms.php that allows unrestricted file upload. This remote issue could enable arbitrary uploads and potential compromise; the exploit has been publicly disclosed. Multipl...
CVE-2024-2529
| creationtimestamp | type | source |
|---|---|---|
| 2024-03-15 21:01:24+00:00 | seen | https://t.me/ctinow/209126 |
| 2024-03-16 21:21:34+00:00 | seen | https://t.me/ctinow/209715 |
| 2024-03-16 21:26:13+00:00 | seen | https://t.me/ctinow/209717... |
CVE-2019-2529
| creationtimestamp | type | source |
|---|---|---|
| 2023-11-15 16:53:22+00:00 | published-proof-of-concept | https://t.me/BABATATASASA/5990... |
CVE-2023-2529
CVE-2023-2529 concerns the WordPress plugin Enable SVG Uploads (<= 2.1.5). The issue is that uploaded SVGs are not sanitized, allowing a user with as little as Author privileges to upload an SVG containing an XSS payload. Reported details describe a stored XSS via SVG, with the vulnerable vers...