149 matches found
MINI-2934-VWJQ-86C6
Bulletin has no description...
CVE-2026-2934
YiFang CMS (up to 2.0.5) is affected in the Extended Management Module by a vulnerability in the update function of file app/db/admin/D_friendLinkGroup.php. The issue arises from manipulation of the Name parameter, enabling cross-site scripting (XSS). Attacks can be initiated remotely, and public...
EUVD-2026-2934
lucy-xss-filter before commit 7c1de6d allows an attacker to induce server-side HEAD requests to arbitrary URLs when the ObjectSecurityListener or EmbedSecurityListener option is enabled and embed or object tags are used with a src attribute missing a file extension...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002934)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002934 advisory. Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified...
CVE-2025-2934
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2 that could have allowed an authenticated attacker to create a denial of service condition by configuring malicious webhook endpoints that send crafted HTT...
CVE-2025-2934
creationtimestamp | type | source
---|---|---
2025-10-09 12:11:15+00:00 | seen | Telegram/BDerpKV5u5UIH1BKqMTFQwUtjOiIKTqP3-Ne8mFI1Z2nYg...
CVE-2025-2934
Removed by vendor...
CVE-2025-2934 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2 that could have allowed an authenticated attacker to create a denial of service condition by configuring malicious webhook endpoints that send crafted HTT...
GitLab 5.2 < 18.2.8 / 18.3 < 18.3.4 / 18.4 < 18.4.2 (CVE-2025-2934)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2 that could have allowed an authenticated attacker to crea...
Medium: jackson
Issue Overview: jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackOverflowError if the depth...
CVE-2013-2934
Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 does not properly restrict access to web services, which has unspecified impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162...
Linux Distros Unpatched Vulnerability : CVE-2017-2934
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful...
Linux Distros Unpatched Vulnerability : CVE-2012-2934
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xen 4.0, and 4.1, when running a 64-bit PV guest on older AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS...
Linux Distros Unpatched Vulnerability : CVE-2020-2934
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.19 and prior and 5.1.48 and...
CVE-2024-2934
CVE-2024-2934 affects SourceCodester Todo List in Kanban Board 1.0. The vulnerability is an SQL injection in the /endpoint/delete-todo.php endpoint, triggered by manipulation of the list argument. It is exploitable remotely, with exploit details publicly disclosed. Multiple sources corroborate th...
CVE-2024-2934 SourceCodester Todo List in Kanban Board delete-todo.php sql injection
A vulnerability classified as critical was found in SourceCodester Todo List in Kanban Board 1.0. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete-todo.php. The manipulation of the argument list leads to sql injection. The attack can be launched remotely. Th...
CVE-2008-2934
creationtimestamp | type | source
---|---|---
2024-02-09 03:16:52+00:00 | seen | https://t.me/ctinow/181781...
CVE-2019-2934
creationtimestamp | type | source
---|---|---
2024-01-09 14:07:02+00:00 | seen | https://t.me/ctinow/165012...
CVE-2023-2934
creationtimestamp | type | source
---|---|---
2023-07-03 17:03:55+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/8602...
FreeBSD : electron24 -- multiple vulnerabilities (aae2ab45-2d21-4cd5-a53b-07ec933400ac)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the aae2ab45-2d21-4cd5-a53b-07ec933400ac advisory. - Use after free in Extensions in Google Chrome prior to 114.0.5735.90 allowed an attacker who...