115 matches found
McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting
McAfee Network Data Loss Prevention User-Agent 9.3.x contains a cross-site scripting vulnerability which allows remote attackers to get session/cookie information via modification of the HTTP request.
id: CVE-2017-4011
info:
  name: McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting...
MiracleLinux 8 : xorg-x11-server-1.20.11-5.el8, xorg-x11-server-Xwayland-21.1.3-2.el8 (AXSA:2022-3547:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3547:01 advisory.
- xorg-x11-server: SProcRenderCompositeGlyphs out-of-bounds access CVE-2021-4008
- xorg-x11-server: SProcXFixesCreatePointerBarrier out-of-bounds access...
CVE-2009-4011
dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get bash access as the xenXX user on the dom0, and then access and potentially reuse an already opened VPS console...
PT-2025-28075
Name of the Vulnerable Software and Affected Versions: Broadcom Symantec Endpoint Management Suite Altiris affected versions not specified
Description: Remote attackers can execute arbitrary code in the context of the vulnerable service process. The vulnerability was discovered during a red team...
CVE-2022-4011
A vulnerability was found in Simple History Plugin. It has been rated as critical. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack may be initiated remotely. T...
CVE-2010-4011
Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issu...
CVE-2025-4011
creationtimestamp | type | source
---|---|---
2025-04-28 09:40:57+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lnuhxixa4c2v
2025-04-28 13:13:38+00:00 | seen | https://t.me/cvedetector/23901...
CVE-2025-4011
A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...
CVE-2025-4011 Redmine Custom Query cross site scripting
A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...
CVE-2025-4011
CVE-2025-4011 affects Redmine versions 6.0.0–6.0.3, where the unknown code path in the Custom Query Handler improperly handles the argument named “Name”, enabling remote Cross‑Site Scripting (XSS). The impact is limited to client-side execution and depends on user interaction as described by the...
openSUSE Security Advisory (SUSE-SU-2024:4011-1)
The remote host is missing an update for the...
GitLab 16.1 < 16.11.5 / 17.0 < 17.0.3 / 17.1 < 17.1.1 (CVE-2024-4011)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows non-project...
CVE-2024-4011 Improper Access Control in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a non-project member to promote key results to objectives...
CentOS 9 : xorg-x11-server-Xwayland-21.1.3-5.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the xorg-x11-server-Xwayland-21.1.3-5.el9 build changelog. - A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in...
Rocky Linux 8 : xorg-x11-server and xorg-x11-server-Xwayland (RLSA-2022:1917)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1917 advisory. - A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs...