83 matches found
CVE-2007-4006
Buffer overflow in Mike Dubman Windows RSH daemon rshd 1.7 has unknown impact and remote attack vectors, aka ZD-00000034. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories....
CVE-2023-4006
Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16...
Linux Distros Unpatched Vulnerability : CVE-2024-4006
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all...
CVE-2024-4006
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes were not honored by GraphQL subscriptions...
CVE-2022-4006
A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by this issue is the function increase_attempts of the file wbce/framework/class.login.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of...
CVE-2025-4006
A vulnerability classified as critical has been found in youyiio BeyongCms 1.6.0. Affected is an unknown function of the file /admin/theme/Upload.html of the component Document Management Page. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack...
CVE-2025-4006 youyiio BeyongCms Document Management Page Upload.html unrestricted upload
A vulnerability classified as critical has been found in youyiio BeyongCms 1.6.0. Affected is an unknown function of the file /admin/theme/Upload.html of the component Document Management Page. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack...
Linux Distros Unpatched Vulnerability : CVE-2016-4006
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial o...
CVE-2024-4006 Incorrect Authorization in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes were not honored by GraphQL subscriptions...
Malicious code in wlwz-2312-4006 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63a31a1f7565f61f2e9c5b26c718640704c9450570cd8e7635042575126ddcbb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-4006
creationtimestamp | type | source
---|---|---
2023-07-31 07:37:22+00:00 | seen | Telegram/SBgMJa0yh4EbcTTQKZYiha14LoyeVkw2Xj-K1Xryf-FMHD0...
CVE-2023-4006
CVE-2023-4006 affects phpMyFAQ before version 3.1.16. The vulnerability arises from improper neutralization of formula elements in CSV files processed by phpMyFAQ, enabling attackers to potentially exploit crafted CSV content. Impact per CVSS (NVD) is Critical (C:H/I:H/A:H) with network attack vect...
CVE-2023-4006 Improper Neutralization of Formula Elements in a CSV File in thorsten/phpmyfaq
Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16...
SUSE CVE-2016-4006
epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service (stack memory consumption and application crash) via a crafted packet...
CVE-2022-4006 WBCE CMS Header class.login.php increase_attempts excessive authentication
A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by this issue is the function increase_attempts of the file wbce/framework/class.login.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of...
CVE-2022-4006
WBCE CMS (Header Handler) contains a vulnerability in the increase_attempts function of wbce/framework/class.login.php where manipulating X-Forwarded-For leads to insufficiently restricting excessive authentication attempts. This is a remote-auth related issue, with impact described as improper r...
VMware Workspace Command Injection (CVE-2020-4006)
A command injection vulnerability exists in multiple VMware products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2020-23055
CVE-2020-23055 affects ANCOM WLAN Controller models WLC-1000 and WLC-4006. The devices were found to contain multiple cross-site scripting (XSS) vulnerabilities in the /authen/start/ module, exploitable via the userid and password parameters. The issue is documented with CVSS metrics: CVSS v3.1 b...