WordPress WPvivid Backup <0.9.76 - Local File Inclusion

WordPress WPvivid Backup version 0.9.76 is vulnerable to local file inclusion because the plugin does not sanitize and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server. id: CVE-2022-2863 info: name: WordPress...

MINI-QJRP-2863-9XP9

Bulletin has no description...

MINI-2863-24X8-X824

Bulletin has no description...

CVE-2026-2863

A flaw has been found in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. The impacted element is the function deleteFile of the file FileServiceImpl.java. This manipulation causes path traversal. The attack can be initiated remotely. The exploit has been...

CVE-2026-2863 feng_ha_ha/megagao ssm-erp/production_ssm FileServiceImpl.java deleteFile path traversal

A flaw has been found in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. The impacted element is the function deleteFile of the file FileServiceImpl.java. This manipulation causes path traversal. The attack can be initiated remotely. The exploit has been...

CVE-2026-2863

A flaw has been found in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. The impacted element is the function deleteFile of the file FileServiceImpl.java. This manipulation causes path traversal. The attack can be initiated remotely. The exploit has been...

CVE-2024-2863

creationtimestamp| type| source ---|---|--- 2026-01-15 21:03:03+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mciiaeikmx2t...

CVE-2023-2863

A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SQLite Database. The manipulation leads to cleartext storage in a file or on disk. It is possible to launc...

CVE-2022-2863

The Migration, Backup, Staging WordPress plugin before 0.9.76 does not sanitise and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server via a Traversal attack...

CVE-2019-2863

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBo...

CVE-2011-2863

Insufficient policy enforcement in V8 in Google Chrome prior to 14.0.0.0 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2025-2863

Cross-site request forgery CSRF vulnerability in the web application of saTECH BCU firmware version 2.1.3, which could allow an unauthenticated local attacker to exploit active administrator sessions and perform malicious actions. The malicious actions that can be executed by the attacker depend ...

CVE-2025-2863 Cross-site request forgery (CSRF) vulnerability in saTECH BCU

Cross-site request forgery CSRF vulnerability in the web application of saTECH BCU firmware version 2.1.3, which could allow an unauthenticated local attacker to exploit active administrator sessions and perform malicious actions. The malicious actions that can be executed by the attacker depend ...

RHEL 8 : webkit2gtk3 (RHSA-2025:2863)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2863 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: out-of-bounds write vulnerability...

Oracle Linux 8 : webkit2gtk3 (ELSA-2025-2863)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-2863 advisory. 2.46.6-2 - Add patch for CVE-2025-24201 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

CVE-2023-2863

creationtimestamp| type| source ---|---|--- 2025-01-16 15:56:01+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1961...

CVE-2015-2863

creationtimestamp| type| source ---|---|--- 2024-10-27 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-10-27 2024-11-09 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-11-09 2025-01-20 00:00:00+00:00| seen| The Shadowserver...

CVE-2024-2863

LG LED Assistant has a path traversal via /api/thumbnail in Common.js. An unauthenticated remote attacker can upload arbitrary files to disk, enabling arbitrary file write. Affected component: thumbnail upload handler; vulnerability described as path traversal. CVSS from NVD shows high impact in ...

CVE-2024-2863 Path traversal via file upload on LG LED Assistant

This vulnerability allows remote attackers to traverse paths via file upload on the affected LG LED Assistant...

CVE-2024-2863 Path traversal via file upload on LG LED Assistant

This vulnerability allows remote attackers to traverse paths via file upload on the affected LG LED Assistant...