79 matches found

RedhatCVE
added 6 days ago, 6 views

CVE-2026-4126

The Table Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.0 via the 'tablemanager' shortcode. The shortcode handler tablemanagerrendertableshortcode takes a user-controlled table attribute, applies only sanitize_key for...

CVSS 4.3 | AI score 5.6 | EPSS 0.00015
Exploits: 0 | References: 1

Tenable Nessus
added 2026/01/16 12:0 a.m., 2 views

MiracleLinux 7 : openssl-1.0.2k-19.el7 (AXSA:2019-4126:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4126:04 advisory. openssl: 0-byte record padding oracle CVE-2019-1559 openssl: timing side channel attack in the DSA signature algorithm CVE-2018-0734 Tenable has...

CVSS 5.9 | AI score 6.5 | EPSS 0.05057
Exploits: 0 | References: 3

GithubExploit
added 2025/08/07 2:42 a.m., 129 views

Exploit for CVE-2025-4126

POC-CVE-2025-4126 smart contract reentrancy attack vulnerabili...

CVSS 6.4 | AI score 7 | EPSS 0.00178
Exploits: 1

RedhatCVE
added 2025/05/22 4:2 a.m., 6 views

CVE-2011-4126

Race condition issues were found in Calibre at devices/linuxmounthelper.c allowing unprivileged users the ability to mount any device to anywhere...

CVSS 9.3 | AI score 6.8 | EPSS 0.00486
Exploits: 1 | References: 1

Circl
added 2025/05/15 6:57 a.m., 20 views

CVE-2025-4126

creationtimestamp | type | source
---|---|---
2025-05-15 06:57:48+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lp6wrhec7m2e
2025-08-07 09:00:05+00:00 | published-proof-of-concept | Telegram/UOBHIdY3ySfeHEqRgDOMD1tfqOzhoPZZkrJdvo4b1cRAqk
2025-08-09 21:02:26+00:00 | seen | ...

CVSS 6.4 | AI score 7.8 | EPSS 0.00178
Exploits: 1 | References: 3

CVE
added 2025/05/15 3:21 a.m., 44 views

CVE-2025-4126

CVE-2025-4126 affects the WordPress EG-Series plugin (versions up to and including 2.1.1). Affected component is the shortcode_title handling in the [series] shortcode, where insufficient input sanitization and output escaping allows authenticated attackers (contributor level+) on sites with Clas...

CVSS 6.4 | AI score 5.8 | EPSS 0.00178
Exploits: 1 | References: 2

Vulnrichment
added 2025/05/15 3:21 a.m., 9 views

CVE-2025-4126 EG-Series <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The EG-Series plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's series shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes in the shortcode_title function. This makes it possib...

CVSS 6.4 | AI score 5.9 | EPSS 0.00178
Exploits: 1 | References: 2

Cvelist
added 2025/05/15 3:21 a.m., 20 views

CVE-2025-4126 EG-Series <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The EG-Series plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's series shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes in the shortcode_title function. This makes it possib...

CVSS 6.4 | EPSS 0.00178
Exploits: 1 | References: 2

Patchstack
added 2025/05/14 9:17 p.m., 5 views

WordPress EG-Series plugin <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability discovered by muhammad yudha in WordPress Plugin EG-Series versions <= 2.1.1...

CVSS 6.4 | AI score 6.3 | EPSS 0.00178
Exploits: 1 | References: 1 | Affected Software: 1

OSV
added 2025/04/30 12:0 a.m., 11 views

DLA-4126-2 jinja2 - regression update

Bulletin has no description...

AI score 7.2
Exploits: 0

OpenVAS
added 2025/04/14 12:0 a.m., 10 views

Debian: Security Advisory (DLA-4126-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 7.7 | EPSS 0.0057
Exploits: 0 | References: 2

OSV
added 2025/04/13 12:0 a.m., 11 views

DLA-4126-1 jinja2 - security update

Bulletin has no description...

CVSS 8.8 | AI score 7.8 | EPSS 0.0057
Exploits: 0

Tenable Nessus
added 2024/04/28 12:0 a.m., 37 views

RHEL 6 / 7 : httpd24-httpd (RHSA-2019:4126)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:4126 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...

CVSS 7.5 | AI score 7 | EPSS 0.82379
Exploits: 4 | References: 22

NVD
added 2024/04/24 8:15 p.m., 9 views

CVE-2024-4126

A vulnerability was found in Tenda W15E 15.11.0.14 and classified as critical. This issue affects the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument manualTime leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has...

CVSS 9 | AI score 8.9 | EPSS 0.0043
Exploits: 1 | References: 4

NVD
added 2023/08/03 4:15 a.m., 17 views

CVE-2023-4126

Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0...

CVSS 8.8 | AI score 6.3 | EPSS 0.00116
Exploits: 1 | References: 2

Vulnrichment
added 2023/08/03 3:8 a.m., 11 views

CVE-2023-4126 Insufficient Session Expiration in answerdev/answer

Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0...

CVSS 4.1 | AI score 6.7 | EPSS 0.00116
Exploits: 1 | References: 2

CVE
added 2023/08/03 3:8 a.m., 67 views

CVE-2023-4126

Affected software/component: answerdev/answer (GitHub repo). Vulnerability: Insufficient Session Expiration in the authentication/session handling mechanism. Root cause: session expiration is not sufficiently enforced, as described for versions prior to 1.1.0. Impact (per CVSS/related records): h...

CVSS 8.8 | AI score 6.2 | EPSS 0.00116
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2023/08/03 3:8 a.m., 17 views

CVE-2023-4126 Insufficient Session Expiration in answerdev/answer

Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0...

CVSS 4.1 | AI score 9 | EPSS 0.00116
Exploits: 1 | References: 2

Tenable Nessus
added 2023/07/18 12:0 a.m., 36 views

RHEL 8 : kernel-rt (RHSA-2023:4126)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4126 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

CVSS 7.8 | AI score 6.9 | EPSS 0.01004
Exploits: 7 | References: 10

NVD
added 2023/03/27 5:15 a.m., 12 views

CVE-2022-4126

Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or Default Usernames and Passwords. This issue affects RCCMD: before 4.40 230207...

CVSS 9.8 | AI score 9.6 | EPSS 0.00408
Exploits: 0 | References: 1