CVE-2026-2799

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Core & HTML component...

CVE-2026-2799

creationtimestamp| type| source ---|---|--- 2026-02-26 09:36:04+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfqvgpqvu52f...

RockyLinux 9 : php (RLSA-2026:2799)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2799 advisory. php: heap-based buffer overflow in arraymerge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk images...

CVE-2026-2799

Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

Oracle Linux 9 : php (ELSA-2026-2799)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2799 advisory. - Fix Heap buffer overflow in arraymerge CVE-2025-14178 Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVE-2024-2799

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Grid & Advanced Text widget HTML tags in all versions up to, and including, 1.3.96 due to insufficient input sanitization and output escaping on user supplied attributes. This...

CVE-2018-2799 vulnerabilities

Vulnerabilities for packages: corretto, openjdk-17-openj9, openjdk-11-openj9, openjdk-8-openj9, openjdk-21-openj9...

CVE-2025-2799

creationtimestamp| type| source ---|---|--- 2025-07-16 06:28:50+00:00| seen| Telegram/uTClkgxVhXpCUyHL3wYkAI7SgXCbEsxOw11ZIe9PA5g-bzU...

CVE-2025-2799 WP Event Manager <= 3.1.49 - Authenticated (Administrator+) Stored Cross-Site Scripting

The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tag-name’ parameter in all versions up to, and including, 3.1.49 due to insufficient input sanitization and output escaping. This makes i...

CVE-2023-2799

A vulnerability, which was classified as problematic, has been found in cnoa OA up to 5.1.1.5. Affected by this issue is some unknown functionality of the file /index.php?app=main=passport=login. The manipulation leads to use of hard-coded password. The exploit has been disclosed to the public an...

CVE-2022-2799

The Affiliates Manager WordPress plugin before 2.9.14 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2005-2799

Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request...

OESA-2023-1746 xerces-j2 security update

Security Fixes: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attack...

SUSE SLES15 / openSUSE 15 Security Update : prometheus-ha_cluster_exporter (SUSE-SU-2023:2799-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2799-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

CVE-2023-2799

creationtimestamp| type| source ---|---|--- 2023-05-18 20:33:03+00:00| seen| https://t.me/cibsecurity/64412...

CVE-2023-2799

CVE-2023-2799 affects cnoa OA up to v5.1.1.5. The vulnerability exists in an unknown function of the file /index.php?app=main&func=passport&action=login, where a hard-coded password is used. Public exploitation has been disclosed. Impact is described as enabling access with a hard-coded credentia...

WordPress Affiliates Manager Plugin < 2.9.14 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpaffiliatemanager:affiliatesmanager"; ifdescription...

CVE-2022-2799

creationtimestamp| type| source ---|---|--- 2022-09-16 12:42:00+00:00| seen| https://t.me/cibsecurity/49872...

CVE-2022-2799

The Affiliates Manager WordPress plugin before 2.9.14 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-2799 Affiliates Manager < 2.9.14 - Admin+ Stored Cross-Site Scripting

The Affiliates Manager WordPress plugin before 2.9.14 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...