129 matches found
CVE-2026-4139
| creationtimestamp | type | source |
|---|---|---|
| 2026-04-26 00:33:06+00:00 | seen | https://bsky.app/profile/atomicedge.bsky.social/post/3mkecm5ozla2l... |
CVE-2026-4139
The mCatFilter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.5.2. This is due to the complete absence of nonce verification and capability checks in the computepost function, which processes settings updates. The computepost function is...
CVE-2025-20732
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege when OceReducedNeighborReport is disabled. User interaction is not needed for exploitation...
PT-2025-44971
Name of the Vulnerable Software and Affected Versions: Linksys Wireless Network Controller Driver (affected versions not specified). Description: The wlan AP driver contains a potential out-of-bounds write issue stemming from an incorrect bounds check. Successful exploitation could allow a malicious...
EUVD-2013-4139
Malware in sbrugna...
CVE-2023-4139
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Sensitive Information Exposure via Directory Listing due to missing restriction in export folder indexing in versions up to, and including, 7.9.8. This makes it possible for unauthenticated attackers to list and view exported file...
CVE-2021-4139
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2025-4139
| creationtimestamp | type | source |
|---|---|---|
| 2025-04-30 21:15:29+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/14166 |
| 2025-04-30 21:48:23+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114429113294159822 |
| 2025-04-30 21:55:52+00:00 | seen | ... |
Siemens SIMATIC Devices Linux Kernel Missing Release of Memory after Effective Lifetime (CVE-2022-4139)
An incorrect TLB flush issue was found in the Linux kernel's GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. This plugin only works with Tenable.ot. Please vis...
Fedora 37 : kernel (2022-e4460c41bc)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-e4460c41bc advisory. The 6.0.11 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...
CVE-2024-4139
Brings CVE-2024-4139: SAP S/4HANA Manage Bank Statement ReProcessing Rules suffers from missing authorization checks for authenticated users, enabling privilege escalation. Affected component is the rule management module; attacker can delete other users’ rules, compromising integrity. Confidenti...
CVE-2024-4139 Missing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)
Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can delete rules of other users affecting the integrity of the application. Confidentiality and...
Rocky Linux 8 : resource-agents (RLSA-2021:4139)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4139 advisory. - An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML SML...
Rocky Linux 8 : kernel (RLSA-2023:0101)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0101 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple...
CVE-2023-4139
| creationtimestamp | type | source |
|---|---|---|
| 2023-08-04 07:45:53+00:00 | seen | https://t.me/cibsecurity/67750... |
CVE-2023-4139
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Sensitive Information Exposure via Directory Listing due to missing restriction in export folder indexing in versions up to, and including, 7.9.8. This makes it possible for unauthenticated attackers to list and view exported file...
CVE-2023-4139
The WP Ultimate CSV Importer plugin for WordPress is affected by CVE-2023-4139 (WP Ultimate CSV Importer) and exposes exported files via directory listing due to missing restrictions in the export folder. Affected versions are up to 7.9.8. Unauthenticated attackers could list/view exported files....
CVE-2023-4139 WP Ultimate CSV Importer <= 7.9.8 - Sensitive Information Exposure via Directory Listing
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Sensitive Information Exposure via Directory Listing due to missing restriction in export folder indexing in versions up to, and including, 7.9.8. This makes it possible for unauthenticated attackers to list and view exported file...
WordPress WP Ultimate CSV Importer Plugin <= 7.9.8 is vulnerable to Sensitive Data Exposure
Software: WP Ultimate CSV Importer. Type: Plugin. Vulnerable versions: <= 7.9.8. Fixed in: 7.9.9. OWASP Top 10: A3: Sensitive Data Exposure. Classification: Sensitive Data Exposure. CVE: CVE-2023-4139. Patch priority: Low. CVSS severity: Low 7.5. PSID: 438988920d4b. Credits: István Márton...
Ubuntu: Security Advisory (USN-6124-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...