52 matches found
CVE-2026-2919
Malicious scripts could display attacker-controlled web content under spoofed domains in Focus for iOS by stalling a self navigation to an invalid port and triggering an iframe redirect, causing the UI to display a trusted domain without user interaction. This vulnerability was fixed in Focus for...
CVE-2026-2919
creationtimestamp | type | source
---|---|---
2026-03-10 00:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0257/...
EUVD-2022-2919
Malicious code in bioql PyPI...
CVE-2025-2919
creationtimestamp | type | source
---|---|---
2025-03-28 18:28:19+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/9420
2025-03-28 20:15:56+00:00 | seen | https://t.me/cvedetector/21456...
CVE-2025-2919 Netis WF-2404 UART hardware allows activation of test or debug logic at runtime
A vulnerability was found in Netis WF-2404 1.1.124EN. It has been declared as critical. This vulnerability affects unknown code of the component UART. The manipulation leads to hardware allows activation of test or debug logic at runtime. It is possible to launch the attack on the physical device...
CVE-2023-2919 Tutor LMS <= 2.7.4 - Cross-Site Request Forgery via 'addon_enable_disable'
The Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.4. This is due to missing or incorrect nonce validation on the 'addon_enable_disable' function. This makes it possible for unauthenticated attackers to enable or disable addons via a...
WordPress Tutor LMS Plugin <= 2.7.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Tutor LMS
Type: Plugin
Vulnerable versions: <= 2.7.4
Fixed in: 2.7.5
OWASP Top 10: A5: Broken Access Control
Classification: Cross Site Request Forgery (CSRF)
CVE: CVE-2023-2919
Patch priority: Low
CVSS severity: Low 4.3
PSID: a0dbe6193554
Credits: Ram
Required privilege...
CVE-2024-2919
CVE-2024-2919 affects the Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting via the CountUp Widget in all versions up to 3.2.31, caused by insufficient input sanitization and output escaping on user-supplied attribu...
WordPress Gutenberg Blocks by Kadence Blocks Plugin <= 3.2.31 is vulnerable to Cross Site Scripting (XSS)
Software: Gutenberg Blocks by Kadence Blocks
Type: Plugin
Vulnerable versions: <= 3.2.31
Fixed in: 3.2.32
OWASP Top 10: A7: Cross-Site Scripting (XSS)
Classification: Cross Site Scripting (XSS)
CVE: CVE-2024-2919
Patch priority: Low
CVSS severity: Low 6.5
Developer: KadenceWP
PSID: 67f4bc4f06d9
Credits: Webbernau...
SUSE: Security Advisory (SUSE-SU-2022:2919-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2013-0306)
The remote host is missing an update for the...
CVE-2018-2919
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Unified Navigation. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2018-2919
CVE-2018-2919 is a vulnerability in the Oracle PeopleSoft product stack, specifically the PeopleSoft Enterprise PeopleTools component (subcomponent: Unified Navigation). The affected software versions identified are 8.55 and 8.56. The vulnerability is exploitable via HTTP over the network by an u...
[SECURITY] [DSA 4173-1] r-cran-readxl security update
Debian Security Advisory DSA-4173-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
April 16, 2018 https://www.debian.org/security/faq
...
CVE-2017-2919
An exploitable stack-based buffer overflow vulnerability exists in the xls_getfcell function of libxls 1.3.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability...
CVE-2017-2919
The CVE-2017-2919 issue concerns the libxls library (v1.3.4) where the function xls_getfcell has a stack-based buffer overflow vulnerability. A crafted XLS file can cause memory corruption, enabling remote code execution. Public references consistently tie this to the libxls code path used when ...
Ubuntu: Security Advisory (USN-2919-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : chromium (openSUSE-SU-2013:1556-1)
Update to Chromium 30.0.1599.66:
- Easier searching by image
- A number of new apps/extension APIs
- Lots of under the hood changes for stability and performance
- Security fixes:
  + CVE-2013-2906: Races in Web Audio
  + CVE-2013-2907: Out of bounds read in Window.prototype object
  + CVE-2013-2908:...
CVE-2011-2919
CVE-2011-2919 is a cross-site scripting (XSS) vulnerability in Spacewalk 1.6 as used with Red Hat Network Satellite. The issue allows a remote attacker to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page. Connected documents corroborate the vulnerability in R...