CVE-2026-2871

creationtimestamp| type| source ---|---|--- 2026-02-24 03:40:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mflamhayx52i...

CVE-2026-2871

CVE-2026-2871 affects Tenda A21 (firmware 1.0.0.0). The vulnerability is in the function fromSetIpMacBind of the file /goform/SetIpMacBind, where argument-list manipulation causes a stack-based buffer overflow. This allows remote, unauthenticated code execution with high impact to confidentiality...

CVE-2026-2871 Tenda A21 SetIpMacBind fromSetIpMacBind stack-based overflow

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function fromSetIpMacBind of the file /goform/SetIpMacBind. This manipulation of the argument list causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made available to th...

EUVD-2026-2871

Disk Sorter Server 13.6.12 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Sorter Server\bin\disksrs.exe' to inject malicious...

CVE-2019-2871

Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are 12.1.6.1.23, 12.1.6.1.26, 12.1.6.1.29, 12.1.6.1.36, 12.1.6.2.23 and 12.1.6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Data...

CVE-2023-2871

A vulnerability was found in FabulaTech USB for Remote Desktop 6.1.0.0. It has been rated as problematic. Affected by this issue is the function 0x220448/0x220420/0x22040c/0x220408 of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be...

CVE-2014-2871

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on an HTTP session for entering credentials on login pages, which allows remote attackers to obtain sensitive information by sniffing the network...

CVE-2025-2871

The WordPress Mega Menu – QuadMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the ajaxdismissnotice function. This makes it possible for unauthenticated attackers to update a...

CVE-2025-2871

creationtimestamp| type| source ---|---|--- 2025-04-12 03:51:39+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11534 2025-04-12 05:42:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmlt6qxmjp2u 2025-04-12 09:10:19+00:00| seen| https://t.me/cvedetector/22792...

WordPress QuadMenu plugin <= 3.2.0 - Cross-Site Request Forgery to Limited User Meta Update vulnerability

Cross-Site Request Forgery to Limited User Meta Update vulnerability discovered by Peter Thaleikis in WordPress Plugin QuadMenu versions = 3.2.0...

Linux Distros Unpatched Vulnerability : CVE-2013-2871

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2024-2871

creationtimestamp| type| source ---|---|--- 2025-02-26 18:24:03+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5559...

CVE-2020-2871

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

WordPress Media Library Assistant Plugin <= 3.13 is vulnerable to SQL Injection

Software Media Library Assistant Type Plugin Vulnerable versions = 3.13 Fixed in 3.14 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-2871 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 35f3b6344141 Credits stealthcopter Required privilege Contributor...

CVE-2012-2871

creationtimestamp| type| source ---|---|--- 2024-03-25 11:49:23+00:00| seen| https://t.me/ETHICALHACKERSCOMMUNITY2/3889 2024-03-25 14:38:09+00:00| seen| Telegram/HKj6TR4hMohrGsEUcNFDijNGdim3MCZhggfzha3EYtXw 2024-03-25 14:38:09+00:00| seen| https://t.me/tengkorakcybercrewz/4400 2024-03-25...

CAN-2005-2871

Summary (CVE-2005-2871) : A buffer/heap overflow in IDN hostname handling affects Mozilla Firefox and derivatives (e.g., Thunderbird). Improper processing of international domain names (IDN) can allow a remote attacker to cause a crash or execute arbitrary code in the user’s security context. The...

CVE-2023-2871

FabulaTech USB for Remote Desktop 6.1.0.0 exposes a null pointer dereference in the IoControlCode Handler component, specifically affecting functions 0x220448/0x220420/0x22040c/0x220408. The issue enables local exploitation and has been publicly disclosed (VDB-229850). Multiple sources (NVD/NVDC/...

SUSE: Security Advisory (SUSE-SU-2022:2871-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-2871

creationtimestamp| type| source ---|---|--- 2022-08-17 12:40:04+00:00| seen| https://t.me/cibsecurity/48269...

CVE-2022-2871

The CVE-2022-2871 entry concerns a stored cross-site scripting (XSS) vulnerability in NotrinosERP prior to version 0.7. Multiple connected sources (e.g., GHSA-hrx5-cv4v-4c44, OSV, Red Hat advisories) confirm that NotrinosERP versions before 0.7 are vulnerable due to a stored XSS flaw in the GitHu...