@action.sustainability/storybook-dashboard (>=0.1.1 <=0.1.5), @aliedu/vc-edu-components (>=1.1.15 <=1.1.24) +389 more potentially affected by unknown CVE via @antv/path-util (=3.0.1)

@antv/path-util NPM version =3.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/path-util and may be impacted: - @action.sustainability/storybook-dashboard =0.1.1, =1.1.15, =0.1.0, =0.9.4-beta1, =0.0.1-beta.1, =0.0.1, =3.0.0, =3.0.0, =1.0.0,...

CVE-2026-4075

creationtimestamp| type| source ---|---|--- 2026-03-26 06:01:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhwwiep5nb27...

EUVD-2026-4075

Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through = 3.5.6.2...

MiracleLinux 3 : kernel-2.6.18-194.11.AXS3 (AXSA:2011-143:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-143:02 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

GO-2025-4075 Mattermost Server's OAuth 2.0 service is vulnerable to attack through Missing Authorization in github.com/mattermost/mattermost-server

Mattermost Server's OAuth 2.0 service is vulnerable to attack through Missing Authorization in github.com/mattermost/mattermost-server...

EUVD-2022-4075

Malicious code in bioql PyPI...

CVE-2020-4075

In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open. As a workaround, ensure you are calling event.preventDefault on all new-window events where the url or options is not...

CVE-2025-4075

A vulnerability was found in VMSMan up to 20250416. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Email with the input " leads to cross site scripting. The attack may be launched remotely. The exploi...

CVE-2025-4075

creationtimestamp| type| source ---|---|--- 2025-04-29 19:50:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lny2iljgxq2t 2025-04-29 21:01:07+00:00| seen| https://t.me/cvedetector/24036...

CVE-2025-4075

A vulnerability was found in VMSMan up to 20250416. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Email with the input "alert1 leads to cross site scripting. The attack may be launched remotely. The...

CVE-2025-4075 VMSMan login.php cross site scripting

A vulnerability was found in VMSMan up to 20250416. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Email with the input "alert1 leads to cross site scripting. The attack may be launched remotely. The...

CVE-2025-4075 VMSMan login.php cross site scripting

A vulnerability was found in VMSMan up to 20250416. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Email with the input "alert1 leads to cross site scripting. The attack may be launched remotely. The...

DLA-4075-1 linux - security update

Bulletin has no description...

Cisco NX-OS OS Command Injection (CVE-2012-4075)

Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in unspecified command parameters, aka Bug IDs CSCtf19827 and CSCtf27788. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

SUSE: Security Advisory (SUSE-SU-2024:4075-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-4075

A vulnerability classified as problematic has been found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. This affects an unknown part of the file login.php. The manipulation of the argument txtAddress leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2024-4075 Kashipara Online Furniture Shopping Ecommerce Website login.php cross site scripting

A vulnerability classified as problematic has been found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. This affects an unknown part of the file login.php. The manipulation of the argument txtAddress leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2024-4075 Kashipara Online Furniture Shopping Ecommerce Website login.php cross site scripting

A vulnerability classified as problematic has been found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. This affects an unknown part of the file login.php. The manipulation of the argument txtAddress leads to cross site scripting. It is possible to initiate the attack remotely. The...

RHSA-2019:4075

creationtimestamp| type| source ---|---|--- 2024-03-19 20:46:59+00:00| seen| https://t.me/ctinow/211921...

openSUSE 15 Security Update : opera (openSUSE-SU-2023:0251-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0251-1 advisory. - Use after free in Offline in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process...