127 matches found
CVE-2026-4019
creationtimestamp| type| source ---|---|--- 2026-04-29 11:03:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkmxa6s4j42k...
EUVD-2026-4019
Missing Authorization vulnerability in Onepay Sri Lanka onepay Payment Gateway For WooCommerce onepay-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects onepay Payment Gateway For WooCommerce: from n/a through = 1.1.2...
EUVD-2020-4019
Malware in sbrugna...
CVE-2022-4019
A denial-of-service vulnerability in the Mattermost Playbooks plugin allows an authenticated user to crash the server via multiple large requests to one of the Playbooks API endpoints...
CVE-2011-4019
Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified Communications Manager CUCM 7.x, allows remote attackers to cause a denial of service memory consumption via a crafted response to a SIP SUBSCRIBE message, aka Bug IDs CSCto93837 and CSCtj61883...
CVE-2025-4019
A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing...
CVE-2025-4019
creationtimestamp| type| source ---|---|--- 2025-04-28 12:11:30+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13675 2025-04-28 13:40:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnuvdaapcq2s 2025-04-28 15:44:06+00:00| seen|...
CVE-2025-4019
The CVE-2025-4019 entry concerns Novel-Plus (versions from 20120630 up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160). The flaw is in the GeneratorController.java, specifically the genCode function, where manipulation leads to missing authentication. This enables a remote attacker to exploit the vu...
CVE-2025-4019 20120630 Novel-Plus GeneratorController.java genCode missing authentication
A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing...
CVE-2025-4019 20120630 Novel-Plus GeneratorController.java genCode missing authentication
A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing...
Linux Distros Unpatched Vulnerability : CVE-2021-4019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-4019 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL...
CVE-2024-4019
A vulnerability classified as critical has been found in Byzoro Smart S80 Management Platform up to 20240411. Affected is an unknown function of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. It is possible to launch the attack remotely. The exploit has...
CVE-2024-4019 Byzoro Smart S80 Management Platform importhtml.php deserialization
A vulnerability classified as critical has been found in Byzoro Smart S80 Management Platform up to 20240411. Affected is an unknown function of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. It is possible to launch the attack remotely. The exploit has...
CVE-2024-4019 Byzoro Smart S80 Management Platform importhtml.php deserialization
A vulnerability classified as critical has been found in Byzoro Smart S80 Management Platform up to 20240411. Affected is an unknown function of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. It is possible to launch the attack remotely. The exploit has...
Rocky Linux 8 : vim (RLSA-2022:0366)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0366 advisory. - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3872, CVE-2021-3984, CVE-2021-4019 - vim is vulnerable to Use After Free CVE-2021-4192 - vim ...
CVE-2023-4019
creationtimestamp| type| source ---|---|--- 2023-09-04 16:16:39+00:00| seen| https://t.me/cibsecurity/69792...
CVE-2023-4019
The Media from FTP WordPress plugin before 11.17 does not properly limit who can use the plugin, which may allow users with author+ privileges to move files around, like wp-config.php, which may lead to RCE in some cases...
CVE-2023-4019 Media from FTP < 11.17 - Author+ Arbitrary File Access
The Media from FTP WordPress plugin before 11.17 does not properly limit who can use the plugin, which may allow users with author+ privileges to move files around, like wp-config.php, which may lead to RCE in some cases...
CVE-2023-4019
CVE-2023-4019 affects the WordPress plugin Media from FTP, prior to version 11.17. Root cause is improper access control, allowing users with author+ privileges to move sensitive files (e.g., wp-config.php), which may lead to remote code execution in some cases. The issue is fixed in 11.17; upgra...
CVE-2023-4019 Media from FTP < 11.17 - Author+ Arbitrary File Access
The Media from FTP WordPress plugin before 11.17 does not properly limit who can use the plugin, which may allow users with author+ privileges to move files around, like wp-config.php, which may lead to RCE in some cases...