MINI-7988-W4F8-2979

Bulletin has no description...

CVE-2026-2979

A flaw has been found in FastApiAdmin up to 2.2.0. This issue affects the function useravataruploadcontroller of the file /backend/app/api/v1/modulesystem/user/controller.py of the component Scheduled Task API. Executing a manipulation can lead to unrestricted upload. The attack can be launched...

CVE-2026-2979 FastApiAdmin Scheduled Task API controller.py user_avatar_upload_controller unrestricted upload

A flaw has been found in FastApiAdmin up to 2.2.0. This issue affects the function useravataruploadcontroller of the file /backend/app/api/v1/modulesystem/user/controller.py of the component Scheduled Task API. Executing a manipulation can lead to unrestricted upload. The attack can be launched...

MiracleLinux 8 : mailman:2.1 (AXSA:2022-2979:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-2979:01 advisory. mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover CVE-2021-44227 Tenable has extracted the preceding description block directly fr...

EUVD-2026-2979

Not used...

CVE-2023-2979

creationtimestamp| type| source ---|---|--- 2025-09-10 05:23:22+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lyhiixpfdsk2...

CVE-2019-2979

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications component: Payments. Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2025-2979

A vulnerability classified as problematic has been found in WCMS 11. This affects an unknown part of the file /index.php?anonymous/setregister of the component Registration. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely. Th...

CVE-2025-2979

creationtimestamp| type| source ---|---|--- 2025-03-31 06:31:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9603 2025-03-31 09:09:16+00:00| seen| https://t.me/cvedetector/21554...

CVE-2025-2979 WCMS Registration setregister cross site scripting

A vulnerability classified as problematic has been found in WCMS 11. This affects an unknown part of the file /index.php?anonymous/setregister of the component Registration. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely. Th...

CVE-2025-2979 WCMS Registration setregister cross site scripting

A vulnerability classified as problematic has been found in WCMS 11. This affects an unknown part of the file /index.php?anonymous/setregister of the component Registration. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely. Th...

SUSE SLES12 Security Update : tiff (SUSE-SU-2024:2979-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2979-1 advisory. - CVE-2024-7006: Fixed null pointer dereference in tifdirinfo.c bsc1228924 Tenable has extracted the preceding description block directly fr...

Oracle Linux 8 : poppler (ELSA-2024-2979)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2979 advisory. - Fix crash when Object has negative number CVE-2018-13988 - Fix infinite recursion CVE-2017-18267 - Resolves: rhbz1494583 CVE-2017-14520 - Resolves: rhbz145906...

CVE-2024-2979

CVE-2024-2979 affects Tenda F1203 v2.0.1.6: the setSchedWifi function in /goform/openSchedWifi is vulnerable to a stack-based buffer overflow triggered by manipulating schedStartTime/schedEndTime. This enables remote attack with potential arbitrary code execution or crash/DoS; exploitation has be...

CVE-2019-2979

creationtimestamp| type| source ---|---|--- 2024-01-09 14:07:00+00:00| seen| https://t.me/ctinow/165010...

openSUSE 15 Security Update : mysql-connector-java (SUSE-SU-2023:2979-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:2979-1 advisory. - Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.32 and prior. Difficult ...

CVE-2023-2979

CVE-2023-2979 affects Abstrium Pydio Cells 4.2.0, specifically the User Creation Handler component. The issue enables improper access controls, with a remote-initiated attack described across multiple sources. The exploit has been disclosed publicly, and upgrading to version 4.2.1 is the document...

Security Bulletin: InfoSphere Optim Performance Manager is affected by a directory traversal and arbitrary file download vulnerability (CVE-2013-2979)

Abstract IBM InfoSphere Optim Performance Manager is vulnerable to a directory traversal and arbitrary file download attack CVE-2013-2979. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-2979 DESCRIPTION: A remotely authenticated attacker could send a specially-crafted URL request to traverse...

CVE-2022-2979 Omron CX-Programmer

Opening a specially crafted file could cause the affected product to fail to release its memory reference potentially resulting in arbitrary code execution...

CVE-2022-2979 Omron CX-Programmer

Opening a specially crafted file could cause the affected product to fail to release its memory reference potentially resulting in arbitrary code execution...