CVE-2026-2993

creationtimestamp| type| source ---|---|--- 2026-05-12 09:22:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlnho3aw7b2g...

CVE-2026-2993

The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4.17 due to insufficient escaping on user supplied parameters and lack of sufficient preparation on the existing SQL query in the getListForTbl function. This makes...

CVE-2026-2993 AI Chatbot & Workflow Automation by AIWU <= 1.4.17 - Unauthenticated SQL Injection in getListForTbl()

The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4.17 due to insufficient escaping on user supplied parameters and lack of sufficient preparation on the existing SQL query in the getListForTbl function. This makes...

EUVD-2026-2993

The vulnerability, if exploited, could allow an unauthenticated miscreant to achieve remote code execution under OS system privileges of “taoimr” service, potentially resulting in complete compromise of the model application server...

EUVD-2025-2993

Malicious code in bioql PyPI...

Amazon Linux 2 : microcode_ctl, --advisory ALAS2-2025-2993 (ALAS-2025-2993)

The version of microcodectl installed on the remote host is prior to 2.1-47. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2993 advisory. Improper buffer restrictions for some IntelR XeonR Processor firmware with SGX enabled may allow a privileged user to...

CVE-2025-2993

creationtimestamp| type| source ---|---|--- 2025-03-31 12:31:51+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9639 2025-03-31 15:00:49+00:00| seen| https://t.me/cvedetector/21582...

CVE-2025-2993

A vulnerability, which was classified as critical, has been found in Tenda FH1202 1.2.0.14408. Affected by this issue is some unknown functionality of the file /default.cfg. The manipulation of the argument these leads to improper access controls. The attack may be launched remotely. The exploit...

Linux Distros Unpatched Vulnerability : CVE-2017-2993

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lea...

SysAid Help Desk Administrator Account Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SysAid Help Desk Administrator Account Creation', 'Description' = %q This module exploits a vulnerability in SysAid Help Desk that allows an...

CGA-2993-6GJ4-HPM9

Bulletin has no description...

CVE-2024-2993

CVE-2024-2993 pertains to Tenda FH1203 firmware (version 2.0.1.6). The vulnerability is in the function formQuickIndex of /goform/QuickIndex, where manipulation of the PPPOEPassword argument causes a stack-based buffer overflow. It is exploitable remotely, and public disclosures exist (VDB-258162...

CVE-2019-2993

creationtimestamp| type| source ---|---|--- 2023-11-15 16:53:23+00:00| published-proof-of-concept| https://t.me/BABATATASASA/5992 2024-01-15 09:07:06+00:00| seen| https://t.me/ctinow/168222...

CVE-2023-2993

A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to execute...

CVE-2023-2993

Summary of CVE-2023-2993 (Mode C) CVE-2023-2993 affects Lenovo ThinkSystem components including SMM v1, SMM v2, and FPC. The vulnerability arises from authenticated, limited-privilege users being able to craft web management server API calls that execute a limited number of commands that the user...

CVE-2022-2993

CVE-2022-2993 affects Zephyr RTOS (3.1 and earlier). The issue is an error in the condition of the last if-statement in the function smp_check_keys, causing rejection of current keys when all requirements are unmet. Public sources describe it as a design/logic flaw in key validation, with potenti...

CVE-2022-2993 bt: host: Wrong key validation check

There is an error in the condition of the last if-statement in the function smpcheckkeys. It was rejecting current keys if all requirements were unmet...

CVE-2022-2993

creationtimestamp| type| source ---|---|--- 2022-12-09 22:13:39+00:00| seen| Telegram/K0wvv9Vk0DBbAhlULkGZhIk0PfhFHD7fJ5V5UljiJJvmDMU...

SUSE: Security Advisory (SUSE-SU-2022:2993-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0075)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...