Linux Distros Unpatched Vulnerability : CVE-2026-2802

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race condition in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148. CVE-2026-2802 Note that Nessus relies on the...

CVE-2026-2802

Race condition in the JavaScript: GC component. This vulnerability affects Firefox 148 and Thunderbird 148...

Mozilla Firefox < 2.0.0.15

The version of Firefox installed on the remote Windows host is prior to 2.0.0.15. It is, therefore, affected by a vulnerability as referenced in the mfsa2008-24 advisory. - Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to...

CVE-2023-2802

The Ultimate Addons for Contact Form 7 WordPress plugin before 3.1.29 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisi...

CVE-2025-2802 LayoutBoxx <= 0.3.1 - Unauthenticated Arbitrary Shortcode Execution

The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.3.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

WordPress LayoutBoxx plugin <= 0.3.1 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Avraham Shemesh in WordPress Plugin LayoutBoxx versions = 0.3.1...

Amazon Linux 2 : perl-App-cpanminus (ALAS-2025-2802)

The version of perl-App-cpanminus installed on the remote host is prior to 1.6922-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2802 advisory. The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass. CVE-2020-16154 Tenable has extracted t...

MAL-2024-424 Malicious code in wlwz-2312-2802 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 07245d3507161794aec98c51084187aa8458dc3cc8accca647d49bbe156e8a7d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wlwz-2312-2802 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 07245d3507161794aec98c51084187aa8458dc3cc8accca647d49bbe156e8a7d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2019-2802

creationtimestamp| type| source ---|---|--- 2023-11-15 16:53:22+00:00| seen| https://t.me/BABATATASASA/5989...

CVE-2023-2802

creationtimestamp| type| source ---|---|--- 2023-08-15 00:19:46+00:00| seen| https://t.me/cibsecurity/68486...

CVE-2023-2802

CVE-2023-2802 affects the WordPress plugin Ultimate Addons for Contact Form 7 (before 3.1.29). The issue is failure to sanitize/escape certain settings, enabling Stored XSS by high-privilege users (e.g., admin), even when unfiltered_html is disallowed (such as in multisite). The NVD entry documen...

Oracle Linux 8 : container-tools:4.0 (ELSA-2023-2802)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2802 advisory. - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closin...

SUSE CVE-2019-2802

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

CVE-2022-2802

creationtimestamp| type| source ---|---|--- 2022-08-13 00:33:58+00:00| seen| https://t.me/cibsecurity/48118...

CVE-2022-2802 SourceCodester Gas Agency Management System login.php sql injection

A vulnerability has been found in SourceCodester Gas Agency Management System and classified as critical. This vulnerability affects unknown code of the file gasmark/login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2022-2802

SourceCodester Gas Agency Management System is affected; the vulnerability exists in gasmark/login.php where manipulating the username parameter triggers a SQL injection. It can be exploited remotely and the exploit has been disclosed publicly. Affected component/file: gasmark/login.php (unknown ...

Debian: Security Advisory (DLA-2802-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:2802-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:0777-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...