Linux Distros Unpatched Vulnerability : CVE-2011-2809
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and...
CVE-2025-2809
The azurecurve Shortcodes in Comments plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.2. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it...
CVE-2025-2809
creationtimestamp | type | source
---|---|---
2025-04-10 10:31:20+00:00 | seen | Telegram/YDvcAPdlvLvCcoAwvz9gU9VvCprHDRzeT4kOSIV0t5J2ank...
CVE-2025-2809
CVE-2025-2809 affects the WordPress plugin “azurecurve Shortcodes in Comments” (vulnerable through version 2.0.2). The issue is unauthenticated arbitrary shortcode execution caused by calling do_shortcode without proper value validation. This allows an attacker, without authentication, to execute...
CVE-2025-2809 azurecurve Shortcodes in Comments <= 2.0.2 - Unauthenticated Arbitrary Shortcode Execution
The azurecurve Shortcodes in Comments plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.2. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it...
WordPress azurecurve Shortcodes in Comments plugin <= 2.0.2 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Avraham Shemesh in WordPress Plugin azurecurve Shortcodes in Comments versions <= 2.0.2...
Security Bulletin: This Power System update is being released to address CVE 2022-2809
Summary: POWER10: In response to a security issue with the BMC HTTPS server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2022-2809. Vulnerability Details: CVEID: CVE-2022-2809 DESCRIPTION: In IBM OPENBMC, when using a...
Synology DiskStation Manager Exposure of Sensitive Information to an Unauthorized Actor (CVE-2015-2809)
The Multicast DNS (mDNS) responder in Synology DiskStation Manager (DSM) before 3.1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via...
CVE-2024-2809
Summary of CVE-2024-2809 (Tenda AC15): A stack-based buffer overflow vulnerability exists in the Tenda AC15 router, specifically in the function formSetFirewallCfg of the page /goform/SetFirewallCfg. Manipulation of the argument firewallEn can be exploited remotely to gain execution on the device...
CVE-2023-2809
creationtimestamp | type | source
---|---|---
2023-10-04 14:11:50+00:00 | seen | https://t.me/cibsecurity/71555...
CVE-2023-2809
Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation of which could allow a remote attacker to extract SQL database credentials from the DLL application. This vulnerability could be linked to known techniques to obtain remote execution of MS SQL command...
CVE-2023-2809 Use of Cleartext credentials in Sage 200 Spain
Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation of which could allow a remote attacker to extract SQL database credentials from the DLL application. This vulnerability could be linked to known techniques to obtain remote execution of MS SQL command...
SUSE CVE-2016-2809
The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assisted remote attackers to delete arbitrary files by leveraging certain local file execution...
CVE-2022-2809
creationtimestamp | type | source
---|---|---
2022-10-27 16:28:17+00:00 | seen | https://t.me/cibsecurity/52149
2022-10-27 16:28:20+00:00 | seen | https://t.me/cibsecurity/52151...
CVE-2022-2809
The CVE-2022-2809 issue affects OpenBMC’s bmcweb component (multipart_parser) where a specially crafted multipart HTTPS header can trigger a buffer overflow on the heap when an unclosed header lacks a colon. IBM’s advisory confirms OPENBMC as the affected product and lists vulnerable firmware pat...
SUSE: Security Advisory (SUSE-SU-2021:2809-1)
The remote host is missing an update for the...
Amazon Linux 2 : avahi (ALAS-2020-1502)
The version of avahi installed on the remote host is prior to 0.6.31-20. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1502 advisory. avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not...
CVE-2020-2809
Vulnerability in the Oracle E-Business Intelligence product of Oracle E-Business Suite component: DBI Setups. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle E-Business...