186 matches found
CVE-2026-4091 OPEN-BRAIN <= 0.5.0 - Cross-Site Request Forgery
The OPEN-BRAIN plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5.0. This is due to missing nonce verification on the settings form in the funcpagemain function. This makes it possible for unauthenticated attackers to inject malicious web...
EUVD-2026-4091
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...
CVE-2023-4091
creationtimestamp| type| source ---|---|--- 2026-01-21 21:18:16+00:00| seen| https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875...
MiracleLinux 7 : 389-ds-base-1.3.10.2-15.el7 (AXSA:2022-3083:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3083:01 advisory. 389-ds-base: double-free of the virtual attribute context in persistent search CVE-2021-4091 Tenable has extracted the preceding description block directly...
TencentOS Server 4: thunderbird (TSSA-2025:0395)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0395 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
RockyLinux 8 : thunderbird (RLSA-2025:4797)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:4797 advisory. firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing...
RLSA-2025:7428 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing CVE-2025-4087 firefox:...
RLSA-2025:4460 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing CVE-2025-4087 firefox: thunderbird: Process isolation bypass using...
TencentOS Server 4: samba (TSSA-2025:0014)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0014 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: 389-ds:1.4 (TSSA-2022:0020)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0020 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2022-4091
A vulnerability was found in SourceCodester Canteen Management System. It has been classified as problematic. This affects the function query of the file food.php. The manipulation of the argument productname leads to cross site scripting. It is possible to initiate the attack remotely. The explo...
CVE-2013-4091
The SecureSphere Operations Manager SOM Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password aka jpassword field on the secsphLogin.jsp login page, which makes it easier for remote attackers to obtain access by leveraging an unattended...
Debian: Security Advisory (DLA-4172-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WordPress Responsive Gallery Grid plugin < 2.3.15 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Responsive Gallery Grid versions 2.3.15...
RHEL 9 : thunderbird (RHSA-2025:7695)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7695 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater...
CVE-2024-4091
creationtimestamp| type| source ---|---|--- 2025-05-15 20:33:40+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16558...
CVE-2024-4091
CVE-2024-4091 affects the WordPress plugin Responsive Gallery Grid (versions prior to 2.3.15). The issue arises from insufficient sanitization/escaping of certain plugin settings, enabling Cross-Site Scripting (XSS) by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. C...
CVE-2024-4091 Responsive Gallery Grid < 2.3.15 - Admin+ Stored XSS
The Responsive Gallery Grid WordPress plugin before 2.3.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2024-4091 Responsive Gallery Grid < 2.3.15 - Admin+ Stored XSS
The Responsive Gallery Grid WordPress plugin before 2.3.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
RHEL 9 : thunderbird (RHSA-2025:7692)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7692 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater...