CVE-2026-2854

creationtimestamp| type| source ---|---|--- 2026-02-20 21:00:47+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfcyvkr2nc2k 2026-02-20 21:01:39+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfcyx4c4wj2n 2026-02-24 13:40:10+00:00| seen|...

CVE-2026-2854

DVE-2026-2854 affects D-Link DWR-M960 firmware 1.01.07. The flaw is in the NTP Configuration Endpoint, specifically the sub_4611CC function in /boafrm/formNtp, where manipulating the submit-url argument can trigger a stack-based buffer overflow. Remote exploitation is possible, with exploit resea...

CVE-2026-2854

A flaw has been found in D-Link DWR-M960 1.01.07. This impacts the function sub4611CC of the file /boafrm/formNtp of the component NTP Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The...

Linux Distros Unpatched Vulnerability : CVE-2016-2854

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a...

TencentOS Server 4: wireshark (TSSA-2024:0345)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0345 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

SUSE: Security Advisory (SUSE-SU-2024:3165-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2010-2854

Multiple cross-site scripting XSS vulnerabilities in modfile.php in Event Horizon EVH 1.1.10, when magicquotesgpc is disabled, allow remote attackers to inject arbitrary web script or HTML via the 1 YourEmail and 2 VerificationNumber parameters, which are not properly handled in a forced SQL erro...

CVE-2005-2854

CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1 allows remote attackers to use the script as a mail relay spam proxy via CRLF sequences in the 1 name or 2 email fields, which are injected into mail headers...

CVE-2025-2854

creationtimestamp| type| source ---|---|--- 2025-03-27 15:26:56+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9123 2025-03-27 16:39:10+00:00| seen| https://t.me/cvedetector/21301...

CVE-2025-2854 code-projects Payroll Management System update_employee.php sql injection

A vulnerability classified as critical was found in code-projects Payroll Management System 1.0. Affected by this vulnerability is an unknown functionality of the file updateemployee.php. The manipulation of the argument emptype leads to sql injection. The attack can be launched remotely. The...

CVE-2025-2854 code-projects Payroll Management System update_employee.php sql injection

A vulnerability classified as critical was found in code-projects Payroll Management System 1.0. Affected by this vulnerability is an unknown functionality of the file updateemployee.php. The manipulation of the argument emptype leads to sql injection. The attack can be launched remotely. The...

CVE-2020-2854

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Advanced...

CentOS 7 : kernel-alt (RHSA-2020:2854)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2854 advisory. - A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess...

openSUSE Security Advisory (SUSE-SU-2024:3165-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:3165-1 Security update for wireshark

This update for wireshark fixes the following issues: wireshark was updated from version 3.6.23 to version 4.2.6 jscPED-8517: - Security issues fixed with this update: CVE-2024-0207: HTTP3 dissector crash bsc1218503 CVE-2024-0210: Zigbee TLV dissector crash bsc1218506 CVE-2024-0211: DOCSIS...

CGA-2XWW-2854-RQ4H

Bulletin has no description...

CVE-2024-2854 Tenda AC18 setsambacfg formSetSambaConf os command injection

A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to launch the attack remotely. The exploit has been...

openSUSE: Security Advisory for opera (openSUSE-SU-2022:10109-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for chromium (openSUSE-SU-2022:10099-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2023-2854)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...