101 matches found
RHEL 9 : php (RHSA-2026:4086)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4086 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: heap-based buffer overflow in arraymerge...
Linux Distros Unpatched Vulnerability : CVE-2025-4086
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog...
CVE-2024-4086
The CM Tooltip Glossary – Powerful Glossary Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.11. This is due to missing or incorrect nonce validation when saving settings. This makes it possible for unauthenticated attackers to chan...
CVE-2025-4086
A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog. This bug only affects Thunderbird for Android. Other versions of Thunderbird are unaffected.. This vulnerability was fixed in Firefox 138...
CVE-2025-4086
A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog. This bug only affects Thunderbird for Android. Other versions of Thunderbird are unaffected.. This vulnerability was fixed in Firefox 138...
CVE-2025-4086
A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog. This bug only affects Thunderbird for Android. Other versions of Thunderbird are unaffected.. This vulnerability was fixed in Firefox 138...
CVE-2025-4086
CVE-2025-4086 affects Thunderbird for Android and Firefox/ Thunderbird versions earlier than 138. The issue is triggered by a filename containing a large number of encoded newline characters that can obscure the file extension in the download dialog, potentially misleading users about the downloa...
openSUSE Security Advisory (SUSE-SU-2024:4086-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-4086
The CM Tooltip Glossary – Powerful Glossary Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.11. This is due to missing or incorrect nonce validation when saving settings. This makes it possible for unauthenticated attackers to chan...
CVE-2024-4086 CM Tooltip Glossary – Powerful Glossary Plugin <= 4.2.11 - Cross-Site Request Forgery
The CM Tooltip Glossary – Powerful Glossary Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.11. This is due to missing or incorrect nonce validation when saving settings. This makes it possible for unauthenticated attackers to chan...
CVE-2024-4086 CM Tooltip Glossary – Powerful Glossary Plugin <= 4.2.11 - Cross-Site Request Forgery
The CM Tooltip Glossary – Powerful Glossary Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.11. This is due to missing or incorrect nonce validation when saving settings. This makes it possible for unauthenticated attackers to chan...
WordPress CM Tooltip Glossary Plugin <= 4.2.11 is vulnerable to Cross Site Request Forgery (CSRF)
Software CM Tooltip Glossary Type Plugin Vulnerable versions = 4.2.11 Fixed in 4.3.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4086 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 099499e9a7ab Credits Benedictus Jova...
CVE-2022-4086
creationtimestamp| type| source ---|---|--- 2022-11-20 16:36:19+00:00| seen| https://t.me/cibsecurity/53216...
CVE-2022-4086
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
Ubuntu: Security Advisory (USN-1446-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Application Performance Management could allow a remote attacker to hijack the clicking action of the victim (CVE-2019-4086)
Summary IBM Application Performance Management could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attac...
CVE-2019-4086
IBM Cloud Application Performance Management 8.1.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further...
CVE-2019-4086
CVE-2019-4086 affects IBM Cloud Application Performance Management (APM) 8.1.4 (Base Private/Advanced Private) and related APM components. A remote attacker could hijack a victim’s clicking actions by enticing them to visit a malicious site, potentially enabling further attacks. The IBM advisory ...
CVE-2018-4086
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Security" component. It allows remote attackers to spoof certificate validation via crafted...
CVE-2018-4086
CVE-2018-4086 affects Apple devices on iOS < 11.2.5, macOS < 10.13.3, tvOS < 11.2.5, and watchOS