ECHO-F134-6EF2-2906

Bulletin has no description...

CLSA-2026-1777390184 wireshark: Fix of CVE-2023-2906

CVE-2023-2906: fix divide-by-zero in CP2179 timetag info response dissector...

CVE-2026-2906

creationtimestamp| type| source ---|---|--- 2026-03-07 15:00:15+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mgi3qpszxc2h...

CVE-2026-2906

The vulnerability CVE-2026-2906 affects Tenda HG9 (model 300001138) with a flaw in the Samba Configuration Endpoint; specifically, an unknown function in /boaform/formSamba allows manipulation of the sambaCap argument, causing a stack-based buffer overflow. The issue is described as exploitable r...

CVE-2026-2906

A security flaw has been discovered in Tenda HG9 300001138. Affected is an unknown function of the file /boaform/formSamba of the component Samba Configuration Endpoint. The manipulation of the argument sambaCap results in stack-based buffer overflow. The attack may be launched remotely. The...

EUVD-2026-2906

Schlix CMS 2.2.6-6 contains a persistent cross-site scripting vulnerability that allows authenticated users to inject malicious scripts into category titles. Attackers can create a new contact category with a script payload that will execute when the page is viewed by other users...

CVE-2019-2906

Vulnerability in the BI Publisher formerly XML Publisher product of Oracle Fusion Middleware component: Mobile Service. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2024-2906

Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73...

CLSA-2025-1765984777 wireshark: Fix of CVE-2023-2906

CVE-2023-2906: fix for potential crash in cp2179 dissector packet-cp2179.c...

Azure Linux 3.0 Security Update: wireshark (CVE-2023-2906)

The version of wireshark installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2906 advisory. - Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark version...

CVE-2023-2906 affecting package wireshark for versions less than 4.4.7-1

CVE-2023-2906 affecting package wireshark for versions less than 4.4.7-1. An upgraded version of the package is available that resolves this issue...

TencentOS Server 4: wireshark (TSSA-2024:0345)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0345 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVE-2020-2906

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Supplier Change. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

WordPress Contempo Real Estate Core plugin <= 3.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by István Márton in WordPress Plugin Contempo Real Estate Core versions = 3.6.3...

CVE-2025-2906

creationtimestamp| type| source ---|---|--- 2025-04-01 11:34:31+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9874 2025-04-01 16:23:15+00:00| seen| https://t.me/cvedetector/21750...

CVE-2025-2906 Contempo Real Estate Core <= 3.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Contempo Real Estate Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.6.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

Linux Distros Unpatched Vulnerability : CVE-2023-2906

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by ze...

CentOS 7 : thunderbird (RHSA-2020:2906)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2906 advisory. - Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially...

RHEL 9 : firefox (RHSA-2024:2906)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2906 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

RHEL 9 : wireshark (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wireshark: Kafka dissector infinite loop CVE-2021-4190 - Crash in the Sysdig Event dissector in Wireshark...