CVE-2026-4135

During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during installation could allow a local authenticated user to perform an arbitrary file write with elevated privileges...

CVE-2026-20434

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2025-4135

creationtimestamp| type| source ---|---|--- 2025-04-30 22:06:10+00:00| seen| https://t.me/cvedetector/24141...

Debian: Security Advisory (DLA-4135-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-4135-1 haproxy - security update

Bulletin has no description...

Cisco NX-OS Path Traversal (CVE-2012-4135)

Directory traversal vulnerability in filesys in Cisco NX-OS 6.12 and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs CSCty07270, CSCty07271, CSCty07273, and CSCty07275. This plugin only works with Tenable.ot. Please visit...

openSUSE Security Advisory (SUSE-SU-2024:4135-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 8 : virt:kvm_utils1 (ELSA-2024-12791)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12791 advisory. - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root...

USN-6567-2: QEMU regression

USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in certain environments. This update fixes the problem. Original advisory details: Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the...

CVE-2024-4135

The WP Latest Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.7. This is due to the plugin allowing users to execute an action that does not properly validate a user-supplied value prior to using that value in a call to...

CVE-2024-4135 WP Latest Posts <= 5.0.7 - Authenticated (Subscriber+) Arbitrary Shortcode Execution

The WP Latest Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.7. This is due to the plugin allowing users to execute an action that does not properly validate a user-supplied value prior to using that value in a call to...

WordPress WP Latest Posts Plugin <= 5.0.7 is vulnerable to Broken Access Control

Software WP Latest Posts Type Plugin Vulnerable versions = 5.0.7 Fixed in 5.0.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4135 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID d50d11e9be4f Credits stealthcopter Required privile...

Advisory ROSA-SA-2023-2302

software: qemu 7.2.0 OS: ROSA-CHROME packageevrstring: qemu-7.2.0-2.src.rpm CVE-ID: CVE-2023-0330 BDU-ID: 2023-04834 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the lsi53c895a.c component of the QEMU hardware emulator is related to writing beyond buffer boundaries. Exploitation of the...

CVE-2023-4135

creationtimestamp| type| source ---|---|--- 2023-08-04 18:40:52+00:00| seen| https://t.me/cibsecurity/67763...

CVE-2023-4135

A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can ...

CVE-2023-4135

A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can ...

CVE-2023-4135

A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can ...

CVE-2023-4135

A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can ...

CVE-2023-4135

Technical details about CVE-2023-4135 are not provided in the supplied connected documents. The materials reference the CVE but do not specify affected products, versions, root cause, impact, or fixes. Monitor for updates.

CVE-2023-4135

A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can ...