CVE-2026-2791

creationtimestamp| type| source ---|---|--- 2026-02-25 00:02:23+00:00| seen| https://bsky.app/profile/slackers.it/post/3mfnevtu6ue22 2026-02-28 02:01:58+00:00| seen| https://bsky.app/profile/slackers.it/post/3mfv4yh74bv2y...

Linux Distros Unpatched Vulnerability : CVE-2026-2791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2791

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the Networking: Cache component...

DEBIAN-CVE-2026-2791

Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2791

Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

MiracleLinux 3 : httpd-2.2.3-43.3.0.1.AXS3 (AXSA:2010-433:03)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-433:03 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release; CVE-2010-1452 The 1 modcache and...

CVE-2023-2791

When creating a playbook run via the /dialog API, Mattermost fails to validate all parameters, allowing an authenticated attacker to edit an arbitrary channel post...

CVE-2022-2791

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...

CVE-2013-2791

MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cause a denial of service master-station daemon crash via a malformed DNP3 TCP packet from the IP address of an outstation...

Amazon Linux 2 : xorg-x11-server (ALAS-2025-2791)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2791 advisory. A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to free...

CVE-2024-2791

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 3.8.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-2791 Metform Elementor Contact Form Builder <= 3.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widgets

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 3.8.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress Metform Elementor Contact Form Builder Plugin <= 3.8.5 is vulnerable to Cross Site Scripting (XSS)

Software Metform Elementor Contact Form Builder Type Plugin Vulnerable versions = 3.8.5 Fixed in 3.8.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2791 Patch priority Low CVSS severity Low 6.5 Developer Wpmet PSID f8f51d893718 Credits Dau Hoang T...

CVE-2023-2791

CVE-2023-2791 concerns Mattermost where creating a playbook run via the "/dialog" API fails to validate all parameters. The underlying issue is a parameter validation weakness that lets an authenticated attacker edit an arbitrary channel post. Public sources in the connected documents consistentl...

CVE-2023-2791 Playbooks lets you edit arbitrary posts

When creating a playbook run via the /dialog API, Mattermost fails to validate all parameters, allowing an authenticated attacker to edit an arbitrary channel post...

Huawei EulerOS: Security Advisory for dbus (EulerOS-SA-2022-2791)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-2791

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...

CVE-2022-2791

creationtimestamp| type| source ---|---|--- 2022-08-23 10:18:15+00:00| seen| https://t.me/truesecator/3323 2022-11-22 22:13:14+00:00| seen| https://t.me/cibsecurity/53372...

Emerson Proficy Machine Edition

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Emerson Equipment: Proficy Machine Edition Vulnerabilities: Missing Support for Integrity Check, Improper Access Control, Unrestricted Upload of File with Dangerous Type, Improper Verification of...

Debian: Security Advisory (DLA-2791-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...