88 matches found
CVE-2025-4097 vulnerabilities
Vulnerabilities for packages: gitlab-workhorse-ce-fips, gitlab-rails-ce-fips, gitlab-rails-ce, gitlab-workhorse-ce...
CVE-2025-4097
creationtimestamp | type | source
---|---|---
2025-12-11 08:03:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m7p4en4btk2g
2025-12-11 15:25:32+00:00 | seen | https://bsky.app/profile/o2cloud.bsky.social/post/3m7pv2q3ouq2z
...
EUVD-2008-4082
Malware in sbrugna...
CVE-2023-4097
The file upload functionality is not implemented correctly and allows uploading of any type of file. As a prerequisite, it is necessary for the attacker to log into the application with a valid username...
CVE-2013-4097
ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in a -REG-E-OPEN error message...
CVE-2022-4097
creationtimestamp | type | source
---|---|---
2025-04-14 18:54:05+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/11677
...
Linux Distros Unpatched Vulnerability : CVE-2011-4097
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service...
SUSE: Security Advisory (SUSE-SU-2024:4097-1)
The remote host is missing an update for the...
CVE-2024-4097
The Cost Calculator Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SVG upload feature in all versions up to, and including, 3.1.67 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...
CVE-2024-4097
CVE-2024-4097 affects Cost Calculator Builder PRO for WordPress. Vulnerable component: SVG upload handling in the plugin, allowing unauthenticated Stored XSS via insufficient input sanitization and output escaping in versions up to 3.1.67. Impact per public records: injected JavaScript executes w...
CVE-2024-4097 Cost Calculator Builder Pro <= 3.1.67 - Unauthenticated Cross-Site Scripting via SVG Upload
The Cost Calculator Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SVG upload feature in all versions up to, and including, 3.1.67 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...
CVE-2024-4097 Cost Calculator Builder Pro <= 3.1.67 - Unauthenticated Cross-Site Scripting via SVG Upload
The Cost Calculator Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SVG upload feature in all versions up to, and including, 3.1.67 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...
WordPress Cost Calculator Builder Pro Plugin <= 3.1.67 is vulnerable to Cross Site Scripting (XSS)
Software: Cost Calculator Builder Pro; Type: Plugin; Vulnerable versions: <= 3.1.67; Fixed in: 3.1.68; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-4097; Patch priority: Low; CVSS severity: Low 7.1; PSID: 99ec603c6f20; Credits: andrea...
SUSE: Security Advisory (SUSE-SU-2023:4097-1)
The remote host is missing an update for the...
CVE-2023-4097
CVE-2023-4097 affects IDM Sistemas QSige. The issue is a file upload vulnerability where the upload function accepts any file type due to improper implementation, requiring an authenticated user. Impact is reported as high (C/H/I/A) with CVSS v3.1 base score 8.8. Documented details do not specify...
CVE-2023-4097 Multiple vulnerabilities in IDM Sistemas QSige
The file upload functionality is not implemented correctly and allows uploading of any type of file. As a prerequisite, it is necessary for the attacker to log into the application with a valid username...
CVE-2022-4097
The CVE-2022-4097 entry concerns the All-In-One Security (AIOS) WordPress plugin prior to 5.0.8. The root cause is IP spoofing via headers (e.g., HTTP_X_REAL_IP/HTTP_X_FORWARDED_FOR) in get_user_ip_address(), allowing attackers to bypass security controls such as IP blocks, rate limiting, and bru...
CVE-2022-4097 All In One WP Security & Firewall < 5.0.8 - IP Spoofing
The All-In-One Security AIOS WordPress plugin before 5.0.8 is susceptible to IP Spoofing attacks, which can lead to bypassed security features like IP blocks, rate limiting, brute force protection, and more...
Rocky Linux 8 : webkit2gtk3 (RLSA-2021:4097)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4097 advisory. - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing malicious...
CVE-2021-4097
creationtimestamp | type | source
---|---|---
2021-12-12 02:26:37+00:00 | seen | https://t.me/cibsecurity/33769
...