CVE-2026-2893

creationtimestamp| type| source ---|---|--- 2026-03-05 09:51:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgcjk2d2qi2z...

EUVD-2026-2893

Sandboxie 5.49.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the container folder input field. Attackers can paste a large buffer of repeated characters into the Sandbox container folder setting to trigger an application crash...

RockyLinux 8 : python-mako (RLSA-2023:2893)

The remote RockyLinux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2023:2893 advisory. mako: REDoS in Lexer class CVE-2022-40023 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note that Nessus h...

Linux Distros Unpatched Vulnerability : CVE-2020-2893

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.19 and prior. Easily exploitable...

CVE-2023-2893

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processdeactivateproduct function. This makes it possible for unauthenticated attackers to deactivate products via ...

CVE-2025-2893

creationtimestamp| type| source ---|---|--- 2025-04-29 07:12:10+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13794 2025-04-29 07:51:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnwsbumh432d 2025-04-29 10:58:35+00:00| seen| https://t.me/cvedetector/23983...

CVE-2025-2893

CVE-2025-2893 affects the WordPress plugin Gutenverse – Ultimate Block Addons and Page Builder for Site Editor (versions up to and including 2.2.1). The issue is a Stored Cross‑Site Scripting (XSS) in the countdown Block caused by insufficient input sanitization and output escaping on user-suppli...

WordPress Gutenverse plugin <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via countdown Block vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via countdown Block vulnerability discovered by Webbernaut in WordPress Plugin Gutenverse versions = 2.2.1...

CVE-2023-2893 WP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_deactivate_product

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processdeactivateproduct function. This makes it possible for unauthenticated attackers to deactivate products via ...

CVE-2023-2893

CVE-2023-2893 affects the WP EasyCart WordPress plugin up to version 5.4.8. Root cause: missing or incorrect nonce validation in the process_deactivate_product function enables CSRF, allowing unauthenticated attackers to deactivate products via forged admin actions. Impact: potential unauthorized...

CVE-2023-2893

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processdeactivateproduct function. This makes it possible for unauthenticated attackers to deactivate products via ...

RHEL 8 : python-mako (RHSA-2023:2893)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:2893 advisory. Mako is a template library written in Python. It provides a familiar, non-XML syntax which compiles into Python modules for maximum performance...

SUSE CVE-2007-1323

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2893. Reason: this candidate was intended for one issue, but some sources used this identifier for a separate issue, and a duplicate identifier had also been created by the time dual use was detected. Notes: All CVE users should consult...

CVE-2022-2893

creationtimestamp| type| source ---|---|--- 2023-01-17 20:40:14+00:00| seen| https://t.me/cibsecurity/56599...

CVE-2022-2893

RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files...

CVE-2022-2893

RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files...

CVE-2022-2893

RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files...

CVE-2022-2893

RONDS EPM v1.19.5 contains a path traversal vulnerability where the filename parameter is not properly validated, allowing an unauthorized user to specify file paths and download files. The issue is explicitly CVE-2022-2893; CISA ICS advisories also describe an adjacent exposure vulnerability (CV...

SUSE: Security Advisory (SUSE-SU-2022:2893-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2013-0373)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...