UBUNTU-CVE-2026-2745

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 7.11 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to bypass WebAuthn two-factor authentication and gain unauthorized access to user accounts due to inconsisten...

CVE-2026-2745

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 7.11 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to bypass WebAuthn two-factor authentication and gain unauthorized access to user accounts due to inconsisten...

CVE-2026-2745

creationtimestamp| type| source ---|---|--- 2026-03-25 14:30:14+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mhvchlod2p25 2026-03-25 18:06:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhvojp34fz2j 2026-03-26 03:00:00+00:00| seen|...

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.222.b10-0.AXS4 (AXSA:2019-3938:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3938:03 advisory. OpenJDK: Side-channel attack risks in Elliptic Curve EC cryptography Security, 8208698 CVE-2019-2745 OpenJDK: Insufficient checks of suppressed...

CVE-2025-2745

CVE-2025-2745 is a cross-site scripting vulnerability in AVEVA PI Web API (versions 2023 SP1 and prior). The root cause is improper handling that allows an authenticated attacker, with privileges to create/update annotations or upload media files, to persist arbitrary JavaScript code. The code co...

CVE-2025-2745 AVEVA PI Web API Cross-site Scripting

A cross-site scripting vulnerability exists in AVEVA PI Web API version 2023 SP1 and prior that, if exploited, could allow an authenticated attacker with privileges to create/update annotations or upload media files to persist arbitrary JavaScript code that will be executed by users who were...

CVE-2025-2745

creationtimestamp| type| source ---|---|--- 2025-06-12 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-08 2025-06-12 20:34:15+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18224...

WordPress Core 6.2 - Directory Traversal

Exploit Title: WordPress Core 6.2 - Directory Traversal Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Version: = 6.2 Tested on: Win, Ubuntu CVE : CVE-2023-2745 import requests from colorama import init,...

Debian dsa-5685 : wordpress - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5685 advisory. - WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the wplang' parameter. This allows unauthenticated attackers...

[SECURITY] [DSA 5685-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5685-1 [email protected] https://www.debian.org/security/ Markus Koschany May 08, 2024 https://www.debian.org/security/faq -...

RHEL 6 / 7 : rh-nginx110-nginx (RHSA-2019:2745)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2745 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage...

CVE-2013-2745

creationtimestamp| type| source ---|---|--- 2024-03-07 10:36:57+00:00| seen| https://t.me/ctinow/202272...

SUSE SLES12 Security Update : prometheus-ha_cluster_exporter (SUSE-SU-2023:2745-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2745-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

Debian dla-3462 : wordpress - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3462 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3462-1 [email protected] https://www.debian.org/lts/security/...

CVE-2023-2745

creationtimestamp| type| source ---|---|--- 2023-05-17 12:31:07+00:00| seen| https://t.me/cibsecurity/64301 2024-06-15 15:16:47+00:00| published-proof-of-concept| Telegram/kSgfd90HLDeLdMdtqrKeKRfN1NKozSXE6QwhczfIL3pl2QOs 2025-04-23 21:02:23+00:00| seen|...

CVE-2023-2745

WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wplang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such ...

CVE-2023-2745

CVE-2023-2745 — WordPress Core

WordPress is vulnerable to Directory Traversal

Software WordPress Type WordPress Core Vulnerable versions = 6.2 Fixed in 6.2.1 OWASP Top 10 A1: Injection Classification Directory Traversal CVE CVE-2023-2745 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 0d1028dd7204 Credits Ramuel Gall Wordfence Required privile...

K91117041: Oracle Java SE vulnerability CVE-2019-2745, CVE-2019-2762

Security Advisory Description CVE-2019-2745 Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructu...

CVE-2022-2745

creationtimestamp| type| source ---|---|--- 2022-08-11 12:32:06+00:00| seen| https://t.me/cibsecurity/47940...