65 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-2646
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSLd2iSSLSESSION function. When deserializing session data with SESSIONCERTS enabled, certificate a...
CVE-2024-2646
A vulnerability classified as critical was found in Netentsec NS-ASG Application Security Gateway 6.3. This vulnerability affects unknown code of the file /vpnweb/index.php?para=index. The manipulation of the argument checkVirtualSiteId leads to sql injection. The attack can be initiated remotely...
CVE-2023-2646
A vulnerability has been found in TP-Link Archer C7v2 v2enus180114 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component GET Request Parameter Handler. The manipulation leads to denial of service. The attack can only be done within the local...
CVE-2025-2646
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be...
CVE-2025-2646
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be...
CVE-2025-2646 PHPGurukul Art Gallery Management System admin-profile.php sql injection
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be...
CVE-2025-2646 PHPGurukul Art Gallery Management System admin-profile.php sql injection
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be...
CVE-2025-2646
The CVE refers to PHPGurukul Art Gallery Management System 1.0 with a SQL injection in /admin/admin-profile.php, triggered by manipulating the contactnumber parameter. Public reports from CNVD/CNNVD and others confirm this vulnerability, describe it as critical (attackable remotely) and affecting...
Amazon Linux 2 : c-ares (ALAS-2024-2646)
The version of c-ares installed on the remote host is prior to 1.19.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2646 advisory. Insufficient randomness in generation of DNS query IDs When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to...
CVE-2024-2646 Netentsec NS-ASG Application Security Gateway sql injection
A vulnerability classified as critical was found in Netentsec NS-ASG Application Security Gateway 6.3. This vulnerability affects unknown code of the file /vpnweb/index.php?para=index. The manipulation of the argument checkVirtualSiteId leads to sql injection. The attack can be initiated remotely...
CVE-2024-2646
CVE-2024-2646 affects Netentsec NS-ASG Application Security Gateway version 6.3. The vulnerability is a SQL injection in the endpoint /vpnweb/index.php?para=index triggered by manipulating the check_VirtualSiteId argument. It is exploitable remotely and has been disclosed publicly. Impacts includ...
CVE-2023-2646
creationtimestamp| type| source ---|---|--- 2023-05-11 12:15:16+00:00| seen| https://t.me/cibsecurity/63866 2025-01-24 17:04:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2937...
CVE-2023-2646 TP-Link Archer C7v2 GET Request Parameter denial of service
A vulnerability has been found in TP-Link Archer C7v2 v2enus180114 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component GET Request Parameter Handler. The manipulation leads to denial of service. The attack can only be done within the local...
CVE-2023-2646
CVE-2023-2646 affects TP-Link Archer C7v2 (v2_en_us_180114). The vulnerability targets an unknown function in the GET Request Parameter Handler, with exploitation restricted to local network access and the impact being denial of service. Public sources confirm the affected device and component; r...
K21512823: MySQL vulnerabilities CVE-2018-2645, CVE-2018-2646, CVE-2018-2647, CVE-2018-2665, and CVE-2018-2667
Security Advisory Description CVE-2018-2645 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Performance Schema. Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with...
SUSE CVE-2015-2646
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote attackers to affect integrity via...
SUSE CVE-2018-2646
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2022-2646
creationtimestamp| type| source ---|---|--- 2022-08-04 12:19:25+00:00| seen| https://t.me/cibsecurity/47537...
CVE-2022-2646
SourceCodester Online Admission System is affected by a cross-site scripting vulnerability in an unknown function of index.php. The eid parameter can be manipulated with input such as 8, allowing remote exploitation. Multiple connected reports corroborate the flaw and its remote abuse. Several so...
CVE-2022-2646 SourceCodester Online Admission System index.php cross site scripting
A vulnerability, which was classified as problematic, was found in SourceCodester Online Admission System. Affected is an unknown function of the file index.php. The manipulation of the argument eid with the input 8alert1 leads to cross site scripting. It is possible to launch the attack remotely...