CVE-2026-2886

creationtimestamp| type| source ---|---|--- 2026-03-07 13:40:10+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mghxbhyzql2m...

CVE-2026-2886 Tenda A21 SetOnlineDevName set_device_name stack-based overflow

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function setdevicename of the file /goform/SetOnlineDevName. This manipulation of the argument devName causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to t...

CVE-2019-2886

Vulnerability in the Oracle Forms product of Oracle Fusion Middleware component: Services. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Forms. Successful attacks require hum...

CVE-2023-2886

creationtimestamp| type| source ---|---|--- 2025-09-10 17:16:55+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lyiqc3nnx7d2...

CVE-2022-2886

A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an unknown function. The manipulation leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability...

CVE-2025-2886

Missing validation of terminating delegation causes the client to continue searching the defined delegation list, even after searching a terminating delegation. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users should upgrade to tough...

tough-kms (>=0.2.0 <=0.5.0), tough-ssm (>=0.5.0 <=0.8.0) +1 more potentially affected by CVE-2025-2886 via tough (>=0.10.0 <=0.1.0)

tough CARGO version =0.10.0, =0.2.0, =0.5.0, =0.1.0, =0.9.0 Source cves: CVE-2025-2886 Source advisory: OSV:GHSA-V4WR-J3W6-MXQC...

CVE-2025-2886

creationtimestamp| type| source ---|---|--- 2025-03-28 01:01:06+00:00| seen| https://t.me/cvedetector/21343...

CVE-2025-2886 Terminating targets role delegations are not respected in tough

Missing validation of terminating delegation causes the client to continue searching the defined delegation list, even after searching a terminating delegation. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users should upgrade to tough...

CVE-2025-2886

CVE-2025-2886 describes a flaw in the Amazon tough (TUF) client: missing validation of terminating delegations causes the client to continue searching the delegation list after a terminating delegation, potentially fetching a target from an incorrect source and altering contents. Affected softwar...

CVE-2025-2886 Terminating targets role delegations are not respected in tough

Missing validation of terminating delegation causes the client to continue searching the defined delegation list, even after searching a terminating delegation. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users should upgrade to tough...

Linux Distros Unpatched Vulnerability : CVE-2024-2886

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium...

RHEL 8 : firefox (RHSA-2024:2886)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2886 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

FreeBSD : electron{27,28} -- multiple vulnerabilities (c2431c4e-622c-4d92-996d-d8b5258ae8c9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the c2431c4e-622c-4d92-996d-d8b5258ae8c9 advisory. - Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to...

Attacks, Vulnerabilities and Actors 25 to 31 March 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of twelve attacks were executed, ten vulnerabilities were uncovered, and two active adversaries were...

Fedora: Security Advisory for chromium (FEDORA-2024-b4dab205d7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KLA65382 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Type confusion vulnerability in WebAssembly can be exploited to cause...

Debian: Security Advisory (DSA-5648-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dsa-5648 : chromium - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5648 advisory. - Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page...

Fedora: Security Advisory (FEDORA-2024-0bb0e8f2a0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...