CVE-2026-2564

A security flaw has been discovered in Intelbras VIP 3260 Z IA 2.840.00IB005.0.T. Affected by this vulnerability is an unknown functionality of the file /OutsideCmd. The manipulation results in weak password recovery. It is possible to launch the attack remotely. Attacks of this nature are highly...

CVE-2026-2564

creationtimestamp| type| source ---|---|--- 2026-02-15 19:28:13+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116076294415630420 2026-02-16 22:34:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mez4bayevy2n 2026-02-16 22:35:11+00:00| seen|...

CGA-22V8-2564-2P34

Bulletin has no description...

EUVD-2026-2564

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2019-2564

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

CGA-2564-H9CR-C5RF

Bulletin has no description...

CVE-2023-2564

OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0...

CVE-2025-2564 vulnerabilities

Vulnerabilities for packages: mattermost-fips...

Mattermost Server 9.11.x < 9.11.10 / 10.4.x < 10.4.4 / 10.5.x < 10.5.2 / 10.6.0 (MMSA-2025-00436)

The version of Mattermost Server installed on the remote host is prior to 9.11.10, 10.4.4, or 10.5.2 / 10.6.0. It is, therefore, affected by a vulnerability as referenced in the MMSA-2025-00436 advisory. - Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to properly...

CVE-2025-2564

creationtimestamp| type| source ---|---|--- 2025-04-16 20:14:25+00:00| seen| https://t.me/cvedetector/23136...

CVE-2025-2564

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to properly enforce the 'Allow users to view/update archived channels' System Console setting, which allows authenticated users to view members and member information of archived channels even when this setting is disabled...

CVE-2025-2564

Summary: CVE-2025-2564 affects Mattermost Server versions 10.5.x &lt;= 10.5.1, 10.4.x &lt;= 10.4.3, and 9.11.x

CVE-2025-2564 Unauthorized View Access to Archived Channel Member Info

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to properly enforce the 'Allow users to view/update archived channels' System Console setting, which allows authenticated users to view members and member information of archived channels even when this setting is disabled...

CVE-2022-2564

Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...

Amazon Linux 2 : openssl11 (ALAS-2024-2564)

The version of openssl11 installed on the remote host is prior to 1.1.1g-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2564 advisory. Issue summary: Some non-default TLS server configurations can cause unboundedmemory growth when processing TLSv1.3 sessions...

Oracle Linux 9 : mod_http2 (ELSA-2024-2564)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-2564 advisory. - Resolves: RHEL-31855 - modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 Tenable has extracted the preceding description block directly from the Oracle...

RHEL 9 : mod_http2 (RHSA-2024:2564)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2564 advisory. The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: modhttp2: httpd:...

CVE-2024-2564

creationtimestamp| type| source ---|---|--- 2024-03-17 15:21:52+00:00| seen| https://t.me/ctinow/209960 2024-03-17 15:26:44+00:00| seen| https://t.me/ctinow/209961...

CVE-2024-2564

CVE-2024-2564 affects PandaXGO PandaX up to 20240310 . The vulnerability is in the function ExportUser (file /apps/system/api/user.go ); manipulating the filename parameter enables a path traversal (e.g., '../filedir'), potentially allowing access to files outside the intended directory. Exploita...

Prototype Pollution in ali-security/mongoose

Impact This vulnerability causes a Prototype Pollution in document.js, through functions such as findByIdAndUpdate. For applications using Express and EJS, this can potentially allow remote code execution. Patches The original patched version for mongoose 5.3.3 did not include a fix for...