CVE-2019-2888

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: EJB Container. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2024-2888

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Stored XSS.This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.26....

CVE-2017-2888

creationtimestamp| type| source ---|---|--- 2025-09-01 19:03:02+00:00| seen| MISP/d0bda5d9-8cbc-4c6c-8803-a5e3150f9ec2...

CVE-2020-2888

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite component: Partners. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing...

tough-kms (>=0.2.0 <=0.5.0), tough-ssm (>=0.5.0 <=0.8.0) +1 more potentially affected by CVE-2025-2888 via tough (>=0.10.0 <=0.1.0)

tough CARGO version =0.10.0, =0.2.0, =0.5.0, =0.1.0, =0.9.0 Source cves: CVE-2025-2888 Source advisory: OSV:GHSA-76G3-38JV-WXH4...

CVE-2025-2888

creationtimestamp| type| source ---|---|--- 2025-03-28 01:01:10+00:00| seen| https://t.me/cvedetector/21345...

CVE-2025-2888 Improper timestamp caching during snapshot rollback in tough

During a snapshot rollback, the client incorrectly caches the timestamp metadata. If the client checks the cache when attempting to perform the next update, the update timestamp validation will fail, preventing the next update until the cache is cleared. Users should upgrade to tough version 0.20...

CVE-2025-2888

CVE-2025-2888 affects the Amazon tough client (The Update Framework) where, during a snapshot rollback, the client incorrectly caches timestamp metadata. If the next update checks this cache, update timestamp validation may fail, blocking subsequent updates until the cache is cleared. The issue i...

CVE-2025-2888 Improper timestamp caching during snapshot rollback in tough

During a snapshot rollback, the client incorrectly caches the timestamp metadata. If the client checks the cache when attempting to perform the next update, the update timestamp validation will fail, preventing the next update until the cache is cleared. Users should upgrade to tough version 0.20...

CVE-2023-2888

creationtimestamp| type| source ---|---|--- 2025-01-16 19:56:11+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2027...

Rocky Linux 9 : thunderbird (RLSA-2024:2888)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2888 advisory. firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox:...

AlmaLinux 9 : thunderbird (ALSA-2024:2888)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:2888 advisory. - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affec...

Oracle Linux 9 : thunderbird (ELSA-2024-2888)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2888 advisory. 115.11.0-1.0.1 - Add Oracle prefs 115.11.0-1 - Update to 115.11.0 build2 Tenable has extracted the preceding description block directly from the Oracle...

CVE-2024-2888

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Stored XSS.This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.26....

CVE-2024-2888 WordPress Post and Page Builder by BoldGrid plugin <= 1.26.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Stored XSS.This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.26....

CVE-2024-2888 WordPress Post and Page Builder by BoldGrid plugin <= 1.26.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Stored XSS.This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.26....

CVE-2019-2888

creationtimestamp| type| source ---|---|--- 2024-01-09 18:16:56+00:00| seen| https://t.me/ctinow/165192...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2023-2888)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 5 : ELSA-2014-0433-1: / kernel (ELSA-2014-04331)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-04331 advisory. - Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11 allow physically...

SUSE: Security Advisory (SUSE-SU-2023:2888-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...