49 matches found
MINI-JJ6X-2823-M2QV
Bulletin has no description...
CVE-2026-2823
A vulnerability was detected in Comfast CF-E7 2.6.0.9. The impacted element is the function sub_41ACCC of the file /cgi-bin/mbox-config?method=SET&section=ntptimezone of the component webmggnt. Performing a manipulation of the argument timestr results in command injection. The attack is possible t...
CVE-2026-2823 Comfast CF-E7 webmggnt mbox-config sub_41ACCC command injection
A vulnerability was detected in Comfast CF-E7 2.6.0.9. The impacted element is the function sub_41ACCC of the file /cgi-bin/mbox-config?method=SET&section=ntptimezone of the component webmggnt. Performing a manipulation of the argument timestr results in command injection. The attack is possible t...
RHEL 10 / 8 / 9 : Updated discovery-cli RPM versions 2.4.3 (Important) (RHSA-2026:2823)
The remote Redhat Enterprise Linux 10 / 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:2823 advisory. New 2.4.3 version of discovery-cli dsc is now available for Discovery 2.4. This version contains a fix for CVE-2026-24049. Tenable has...
CVE-2017-2823
creationtimestamp | type | source
---|---|---
2025-08-31 03:01:20+00:00 | seen | MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d...
CGA-6C3Q-VJ5M-2823
Bulletin has no description...
CVE-2023-2823
A vulnerability was found in SourceCodester Class Scheduling System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit_subject.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql...
CVE-2010-2823
Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine ACE 4710 appliance with software before A32.6 allows remote attackers to cause a denial of service device reload via crafted HTTP packets, related to HTTP, RTSP, and SIP inspection, aka Bug ID...
CVE-2024-2823 DedeCMS mda_main.php cross-site request forgery
A vulnerability has been found in DedeCMS 5.7 and classified as problematic. This vulnerability affects unknown code of the file /src/dede/mda_main.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...
CVE-2024-2823
CVE-2024-2823 affects DedeCMS 5.7, impacting the /src/dede/mda_main.php path. The issue is a cross-site request forgery (CSRF) vulnerability that can be triggered remotely; the CVSS vectors indicate NETWORK access, LOW attack complexity, NONE privileges, UI interaction required, with I/LOW impact...
CVE-2023-2823
CVE-2023-2823 affects SourceCodester Class Scheduling System 1.0. The vulnerability lies in the GET Parameter Handler for the file /admin/edit_subject.php, where manipulating the id parameter causes SQL injection. It is exploitable remotely, and publicized exploits exist (VDB-229597). Multiple so...
CVE-2022-2823
creationtimestamp | type | source
---|---|---
2022-10-11 00:25:29+00:00 | seen | https://t.me/cibsecurity/51085...
CVE-2022-2823
CVE-2022-2823 documents a stored XSS in the WordPress plugin “MetaSlider” (Slider, Gallery, and Carousel) prior to version 3.27.9. The root cause is inadequate sanitization/escaping of certain Gallery Image parameters, which permits high-privilege users (e.g., admins) to inject scripts even when ...
CVE-2022-2823 Slider, Gallery, and Carousel by MetaSlider < 3.27.9 - Admin+ Stored Cross Site Scripting
The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.27.9 does not sanitise and escape some of its Gallery Image parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallow...
CVE-2020-2823
Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite component: Notes. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common...
CVE-2020-2823
CVE-2020-2823 affects Oracle E-Business Suite, Common Applications Calendar component Notes (versions 12.1.1–12.1.3). The issue permits an unauthenticated attacker with network access via HTTP to compromise Calendar data and may allow unauthorized read/write depending on data accessibility. The C...
CVE-2019-2823
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 8.0.5-8.0.8. Easily exploitable vulnerability allows low privileged attacker with networ...
CVE-2019-2823
The CVE-2019-2823 entry concerns Oracle Financial Services Applications Infrastructure (subcomponent: Infrastructure) in Oracle Financial Services Applications. Affected versions are 8.0.5–8.0.8. The vulnerability allows a low-privileged attacker who can access over HTTP via the network to cause ...
CVE-2018-2823
CVE-2018-2823 affects Oracle Transportation Management (Oracle Supply Chain Products Suite), subcomponent Database, with a vulnerable version 6.4.3. The flaw allows a low-privilege, network-adjacent attacker to exploit via HTTP to cause unauthorized creation, deletion, or modification of data wit...
PowerISO ISO Parsing Use After Free (CVE-2017-2823)
Summary A use-after-free vulnerability exists in the .ISO parsing functionality of PowerISO 6.8. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .ISO file to trigger this vulnerability. Tested Versions PowerISO 6.8 6, ...