CVE-2026-2838

creationtimestamp| type| source ---|---|--- 2026-05-07 22:33:05+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlcbilx2oi2g...

CVE-2024-2838

The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'woococomponents0name' parameter in all versions up to, and including, 7.2.7 due to insufficient input sanitization and output escaping and missing authorization on the...

CGA-F738-J59R-2838

Bulletin has no description...

CVE-2023-2838

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2...

CVE-2022-2838

In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests...

CVE-2025-2838

Silicon Labs Gecko OS DNS Response Processing Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerabilit...

Linux Distros Unpatched Vulnerability : CVE-2023-2838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. CVE-2023-2838 Note that Nessus relies on the presence of the package as reported by the vendor...

Linux Distros Unpatched Vulnerability : CVE-2017-2838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge...

CVE-2020-2838

Vulnerability in the Oracle CRM Gateway for Mobile Devices product of Oracle E-Business Suite component: Setup of Mobile Applications. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis...

RHEL 7 : freerdp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - freerdp: Out-of-bounds write in rdprecvtpktpdu CVE-2017-2835 - freerdp: Integer Overflow leading to Heap...

WordPress WPC Composite Products for WooCommerce Plugin <= 7.2.7 is vulnerable to Cross Site Scripting (XSS)

Software WPC Composite Products for WooCommerce Type Plugin Vulnerable versions = 7.2.7 Fixed in 7.2.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2838 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID c5256a4c7c7a...

CVE-2024-2838

The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'woococomponents0name' parameter in all versions up to, and including, 7.2.7 due to insufficient input sanitization and output escaping and missing authorization on the...

openSUSE 15 Security Update : poppler (SUSE-SU-2023:2838-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2838-1 advisory. - Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc. CVE-2018-21009 - In Poppler through 0.76.1, there is a heap-based...

CVE-2023-2838

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2...

CVE-2023-2838 Out-of-bounds Read in gpac/gpac

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2...

CVE-2023-2838

CVE-2023-2838 affects gpac/gpac up to version 2.2.2 and is caused by an out-of-bounds read in the code path. Documented impact includes high confidentiality and availability risks (NVD CVSS v3.1 9.1, network attack vector, user interaction not required). Debian advisory references multiple gpac C...

CVE-2023-2838

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2...

SUSE CVE-2016-2838

Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document...

SUSE: Security Advisory (SUSE-SU-2022:2838-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-2838

creationtimestamp| type| source ---|---|--- 2022-08-16 14:38:54+00:00| seen| https://t.me/cibsecurity/48208...