Linux Distros Unpatched Vulnerability : CVE-2026-2800

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 148 and Thunderbird 148. CVE-2026-2800 Note that Nessus...

CVE-2026-2800

creationtimestamp| type| source ---|---|--- 2026-02-26 09:36:12+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfqvgx7kzo2v...

CVE-2026-2800

Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

CVE-2008-2804

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2800. Reason: This candidate is a reservation duplicate of CVE-2008-2800. Notes: All CVE users should reference CVE-2008-2800 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...

MiracleLinux 7 : rh-mysql80-mysql-8.0.17-1.el7 (AXSA:2020-4497:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4497:03 advisory. mysql: Server: Replication multiple unspecified vulnerabilities CVE-2019-2800, CVE-2019-2436, CVE-2019-2531, CVE-2019-2534, CVE-2019-2614,...

MiracleLinux 8 : java-11-openjdk-11.0.7.10-1.el8 (AXSA:2020-214:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-214:06 advisory. OpenJDK: Incorrect bounds checks in NIO Buffers Libraries, 8234841 CVE-2020-2803 OpenJDK: Incorrect type checks in MethodType.readObject Libraries,...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.252.b09-2.el8 (AXSA:2020-161:10)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-161:10 advisory. OpenJDK: Incorrect bounds checks in NIO Buffers Libraries, 8234841 CVE-2020-2803 OpenJDK: Incorrect type checks in MethodType.readObject Libraries,...

EUVD-2026-2800

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...

CVE-2024-2800

ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all versions from 11.3 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allows denial of service via Regex backtracking...

PT-2025-38129

Name of the Vulnerable Software and Affected Versions: NVIDIA Triton Inference Server versions prior to 25.08 Description: NVIDIA Triton Inference Server contains a vulnerability in the Python backend that allows for remote code execution. An attacker can exploit this by manipulating the model na...

CVE-2018-2800 vulnerabilities

Vulnerabilities for packages: openjdk-17-openj9, openjdk-11-openj9, openjdk-26-openj9, openjdk-21-openj9, openjdk-25-openj9, openjdk-8-openj9...

CVE-2025-2800

creationtimestamp| type| source ---|---|--- 2025-07-16 06:28:51+00:00| seen| Telegram/u0XoWItL0P0d4Sp9p5NGEGCVQCnLJIIBtkRndfDIGPYKcg...

CVE-2025-2800 WP Event Manager <= 3.1.50 - Unauthenticated Stored Cross-Site Scripting via 'organizer_name'

The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘organizername' parameter in all versions up to, and including, 3.1.50 due to insufficient input sanitization and output escaping. This...

CVE-2025-2800

CVE-2025-2800 affects WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (WordPress). The vulnerability is an unauthenticated stored cross-site scripting flaw via the organizer_name parameter in all versions up to and including 3.1.50. Public sources in connected doc...

WordPress WP Event Manager plugin <= 3.1.50 - Unauthenticated Stored Cross-Site Scripting via 'organizer_name' vulnerability

Unauthenticated Stored Cross-Site Scripting via 'organizername' vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin WP Event Manager versions = 3.1.50...

CVE-2022-2800

A vulnerability, which was classified as problematic, has been found in SourceCodester Gym Management System. Affected by this issue is some unknown functionality. The manipulation leads to clickjacking. The attack may be launched remotely. The exploit has been disclosed to the public and may be...

CVE-2013-2800

The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows remote attackers to cause a denial of service memory consumption or memory corruption, instance shutdown, and data-collection outage via crafted C37.118 configuration packets...

CVE-2020-27862

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by...

RHEL 7 : rh-mysql80-mysql (RHSA-2019:2484)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2484 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The...

ZTE ZXR10多款产品 安全漏洞

ZTE ZXR10 1800-2S and others are a wireless router from ZTE Corporation ZTE, China. A security vulnerability exists in various ZTE ZXR10 products, which stems from improper privilege management. The following products and versions are affected: ZTE ZXR10 1800-2S version V4.00.10 and prior version...