109 matches found
CVE-2026-2891
creationtimestamp| type| source ---|---|--- 2026-07-02 00:30:38+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmrpgfmrh2y...
CVE-2026-2891
The following Poly Voice IP devices, CCX, Trio, and Edge E, might be inoperable if they connect to a malicious SIP server and receive malformed data. HP is releasing updates to mitigate these potential vulnerabilities...
CVE-2026-2891
The CVE-2026-2891 entry concerns Poly Voice IP devices (CCX, Trio, Edge E) and describes a potential DoS if these devices connect to a malicious SIP server sending malformed data. Affected components are the Poly Voice devices themselves; the root cause is triggered by malformed SIP input from a ...
EUVD-2026-2891
RarmaRadio 2.72.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing network configuration fields with large character buffers. Attackers can generate a 100,000 character buffer and paste it into multiple network settings fields to trigger...
CVE-2024-2891
A vulnerability, which was classified as critical, was found in Tenda AC7 15.03.06.44. Affected is the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...
Important: perl-File-Find-Rule
Issue Overview: File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when grep encounters a crafted filename. A file handle is opened with the 2 argument form of open allowing an attacker controlled filename to provide the MODE parameter to open, turning the filename...
CVE-2023-2891
The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processdeleteproduct function. This makes it possible for unauthenticated attackers to delete products via a forged...
CVE-2022-2891
The WP 2FA WordPress plugin before 2.3.0 uses comparison operators that don't mitigate time-based attacks, which could be abused to leak information about the authentication codes being compared...
CVE-2019-2891
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2025-2891
creationtimestamp| type| source ---|---|--- 2025-04-01 07:32:09+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9860 2025-04-01 09:48:06+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114262074055767061 2025-04-01 09:48:06+00:00| seen|...
CVE-2025-2891 WP Pro Real Estate 7 <= 3.5.4 - Authenticated (Custom) Arbitrary File Upload
The Real Estate 7 WordPress theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the 'template-submit-listing.php' file in all versions up to, and including, 3.5.4. This makes it possible for authenticated attackers, with Seller-level access and abov...
CVE-2025-2891 WP Pro Real Estate 7 <= 3.5.4 - Authenticated (Custom) Arbitrary File Upload
The Real Estate 7 WordPress theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the 'template-submit-listing.php' file in all versions up to, and including, 3.5.4. This makes it possible for authenticated attackers, with Seller-level access and abov...
CVE-2025-2891
CVE-2025-2891 – Real Estate 7 WordPress Theme : The vulnerability is in the Real Estate 7 WordPress Theme for WordPress, allowing authenticated attackers with Seller-level access (and above) to upload arbitrary files due to missing file type validation in template-submit-listing.php. Affected ver...
CBL Mariner 2.0 Security Update: libsmi (CVE-2010-2891)
The version of libsmi installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2010-2891 advisory. - Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to...
RHEL 5 : libsmi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libsmi: buffer overflow in smiGetNode can lead to arbitrary code execution CVE-2010-2891 Note that Nessus has not...
RHEL 4 : libsmi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libsmi: buffer overflow in smiGetNode can lead to arbitrary code execution CVE-2010-2891 Note that Nessus has not...
RHEL 8 : httpd:2.4 (RHSA-2024:2891)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2891 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: modhttp2: httpd:...
CVE-2010-2891 affecting package libsmi for versions less than 0.4.8-28
CVE-2010-2891 affecting package libsmi for versions less than 0.4.8-28. A patched version of the package is available...
openSUSE: Security Advisory for curl (SUSE-SU-2023:2891-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-2891
creationtimestamp| type| source ---|---|--- 2024-01-09 14:46:42+00:00| seen| https://t.me/ctinow/165029...