79 matches found
CVE-2026-2719
creationtimestamp | type | source
---|---|---
2026-04-24 06:33:06+00:00 | seen | https://bsky.app/profile/atomicedge.bsky.social/post/3mk7vrzzr232q...
AlmaLinux 10 : gnupg2 (ALSA-2026:2719)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:2719 advisory. GnuPG: GnuPG: Stack-based buffer overflow in tpm2daemon allows arbitrary code execution (CVE-2026-24882). Tenable has extracted the preceding description block...
CVE-2023-2719
The SupportCandy WordPress plugin before 3.1.7 does not properly sanitise and escape the id parameter for an Agent in the REST API before using it in an SQL statement, leading to an SQL Injection exploitable by users with a role as low as Subscriber...
CVE-2025-2719
The Swatchly – WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in versions 1.2.8 to 1.4.0. This makes ...
CVE-2025-2719
CVE-2025-2719 concerns the Swatchly – WooCommerce Variation Swatches for Products plugin for WordPress. Versions 1.2.8 to 1.4.0 expose an unauthorized modification risk via a missing capability check in the ajax_dismiss function. This could allow authenticated attackers with Subscriber-level acce...
CVE-2025-2719 Swatchly – WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) 1.2.8 - 1.4.0 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update
The Swatchly – WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in versions 1.2.8 to 1.4.0. This makes ...
WordPress Swatchly – WooCommerce Variation Swatches for Products plugin 1.2.8-1.4.0 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update vulnerability
Missing Authorization to Authenticated (Subscriber+) Limited Options Update vulnerability discovered by kr0d in WordPress Plugin Swatchly – WooCommerce Variation Swatches for Products versions 1.2.8-1.4.0...
CVE-2013-2719
creationtimestamp | type | source
---|---|---
2025-02-14 21:08:31+00:00 | seen | Telegram/1NSIX1wu2gyUOfYjusC-VT-KGW0oSSja3s2e2DaPm70aZ1Y9...
CVE-2024-2719
CVE-2024-2719 affects Campcodes Complete Online DJ Booking System 1.0. The vulnerability is a cross-site scripting issue in an unknown function of /admin/admin-profile.php where manipulating the adminname parameter enables remote exploitation. The exploit has been disclosed publicly. Some connect...
SUSE: Security Advisory (SUSE-SU-2023:4634-1)
The remote host is missing an update for the...
CVE-2023-2719
The SupportCandy WordPress plugin before 3.1.7 does not properly sanitise and escape the id parameter for an Agent in the REST API before using it in an SQL statement, leading to an SQL Injection exploitable by users with a role as low as Subscriber...
CVE-2023-2719 SupportCandy < 3.1.7 - Subscriber+ SQLi
The SupportCandy WordPress plugin before 3.1.7 does not properly sanitise and escape the id parameter for an Agent in the REST API before using it in an SQL statement, leading to an SQL Injection exploitable by users with a role as low as Subscriber...
CVE-2023-2719
CVE-2023-2719 concerns the WordPress plugin SupportCandy prior to version 3.1.7. The issue is an SQL Injection caused by insufficient sanitization/escaping of the REST API Agent endpoint’s id parameter before it is used in an SQL statement. This can be exploited by users with as little as a Subsc...
WordPress SupportCandy Plugin < 3.1.7 is vulnerable to SQL Injection
Software: SupportCandy; Type: Plugin; Vulnerable versions: < 3.1.7; Fixed in: 3.1.7; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2023-2719; Patch priority: High; CVSS severity: High (8.5); PSID: c15c7e980643; Credits: dc11; Required privilege: Subscriber; Published: 19 June,...
SUSE CVE-2008-7177
Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719...
SUSE CVE-2013-2719
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722,...
Mageia: Security Advisory (MGASA-2022-0446)
The remote host is missing an update for the...
OESA-2022-1896 ImageMagick security update
Security Fixes: In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30. (CVE-2022-2719)...
SUSE: Security Advisory (SUSE-SU-2022:3119-1)
The remote host is missing an update for the...
SUSE-SU-2022:3119-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues:
- CVE-2021-20224: Fixed an integer overflow that could be triggered via a crafted file (bsc#1202800).
- CVE-2022-2719: Fixed a reachable assertion that could lead to denial of service via a crafted file (bsc#1202250)...