SUSE: Security Advisory (SUSE-SU-2026:0404-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : librsvg (SUSE-SU-2026:0243-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0243-1 advisory. Update to version 2.57.4 - bsc1243867: - CVE-2024-12224: RUSTSEC-2024-0421 - idna accepts Punycode labels...

Security update for librsvg

This update for librsvg fixes the following issues: Update to version 2.57.4 - bsc1243867: CVE-2024-12224: RUSTSEC-2024-0421 - idna accepts Punycode labels that do not produce any non-ASCII when decoded. RUSTSEC-2024-0404 - Unsoundness in anstream. Patch Instructions: To install this SUSE update...

CVE-2026-0404

creationtimestamp| type| source ---|---|--- 2026-01-13 17:04:20+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115888872438851637...

CVE-2022-0404

The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check authorization or that the option mentioned in the notice param belongs to the plugin when processing requests to the cf7mddismissnotice action, allowing any logged in user with roles as low as Subscriber to set...

EUVD-2026-0404

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

EUVD-2014-0444

Malware in sbrugna...

CVE-2012-0404

Cross-site scripting XSS vulnerability in EMC Documentum eRoom before 7.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2019-0404

SAP Enable Now, before version 1911, leaks information about network configuration in the server error messages, leading to Information Disclosure...

CVE-2025-0404

creationtimestamp| type| source ---|---|--- 2025-01-13 00:35:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113818242834218345 2025-01-13 01:09:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1346 2025-01-13 01:15:21+00:00| seen|...

CVE-2025-0404 liujianview gymxmjpa CoachController.java CoachController sql injection

A vulnerability has been found in liujianview gymxmjpa 1.0 and classified as critical. This vulnerability affects the function CoachController of the file src/main/java/com/liujian/gymxmjpa/controller/CoachController.java. The manipulation of the argument coachName leads to sql injection. The...

CVE-2025-0404

CVE-2025-0404 affects liujianview gymxmjpa 1.0, specifically the CoachController.java function. The root cause is a SQL injection vulnerability caused by unsafely handling the coachName argument in CoachController, enabling remote exploitation. Public details exist (exploit disclosed) with CVSS-b...

CVE-2025-0404 liujianview gymxmjpa CoachController.java CoachController sql injection

A vulnerability has been found in liujianview gymxmjpa 1.0 and classified as critical. This vulnerability affects the function CoachController of the file src/main/java/com/liujian/gymxmjpa/controller/CoachController.java. The manipulation of the argument coachName leads to sql injection. The...

Photon OS 4.0: Cassandra PHSA-2023-4.0-0404

An update of the cassandra package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0404. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Wireshark PHSA-2023-4.0-0404

An update of the wireshark package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0404. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2024-0404

A mass assignment vulnerability exists in the /api/invite/:code endpoint of the mintplex-labs/anything-llm repository, allowing unauthorized creation of high-privileged accounts. By intercepting and modifying the HTTP request during the account creation process via an invitation link, an attacker...

CVE-2024-0404

CVE-2024-0404 describes a mass-assignment vulnerability in the mintplex-labs/anything-llm repository, specifically the "/api/invite/:code" endpoint. The issue allows an attacker to inject a privileged role (admin) during account creation via an invitation link by exploiting missing property allow...

Malicious code in wlwz-2312-0404 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 02e13a0a3eff0cece1235c716dc145c74c69b2a4ca17c5353f85879b231c176a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-210 Malicious code in wlwz-2312-0404 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 02e13a0a3eff0cece1235c716dc145c74c69b2a4ca17c5353f85879b231c176a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CentOS 7 : kpatch-patch (RHSA-2023:0404)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0404 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple...