
129 matches found

Circl
added 2026/04/26 12:33 a.m. | 6 views

CVE-2026-4139

creationtimestamp | type | source
---|---|---
2026-04-26 00:33:06+00:00 | seen | https://bsky.app/profile/atomicedge.bsky.social/post/3mkecm5ozla2l...

CVSS 4.3 | AI score 4.8 | EPSS 0.00165
Exploits 0 | References 1

ATTACKERKB
added 2026/04/22 7:45 a.m. | 4 views

CVE-2026-4139

The mCatFilter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.5.2. This is due to the complete absence of nonce verification and capability checks in the computepost function, which processes settings updates. The computepost function is...

CVSS 4.3 | AI score 5.7 | EPSS 0.00165
Exploits 0 | References 8

Cvelist
added 2025/11/04 6:20 a.m. | 11 views

CVE-2025-20732

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege when OceReducedNeighborReport is disabled. User interaction is not needed for exploitation...

EPSS 0.00113
Exploits 0 | References 1

Positive Technologies
added 2025/11/04 12:0 a.m. | 6 views

PT-2025-44971

Name of the Vulnerable Software and Affected Versions: Linksys Wireless Network Controller Driver (affected versions not specified). Description: The wlan AP driver contains a potential out-of-bounds write issue stemming from an incorrect bounds check. Successful exploitation could allow a malicious...

CVSS 5.3 | AI score 6.5 | EPSS 0.00113
Exploits 0 | References 5

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2013-4139

Malware in sbrugna...

CVSS 4.7 | AI score 5.9 | EPSS 0.00308
Exploits 0 | References 9

RedhatCVE
added 2025/05/23 5:54 a.m. | 4 views

CVE-2023-4139

The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Sensitive Information Exposure via Directory Listing due to missing restriction in export folder indexing in versions up to, and including, 7.9.8. This makes it possible for unauthenticated attackers to list and view exported file...

CVSS 7.5 | AI score 5.9 | EPSS 0.0057
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 6:47 p.m. | 8 views

CVE-2021-4139

pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

CVSS 9 | AI score 6.7 | EPSS 0.00877
Exploits 1

Circl
added 2025/04/30 9:15 p.m. | 21 views

CVE-2025-4139

creationtimestamp | type | source
---|---|---
2025-04-30 21:15:29+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/14166
2025-04-30 21:48:23+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114429113294159822
2025-04-30 21:55:52+00:00 | seen | ...

CVSS 9 | AI score 7.9 | EPSS 0.00939
Exploits 0 | References 4

Tenable Nessus
added 2025/02/25 12:0 a.m. | 11 views

Siemens SIMATIC Devices Linux Kernel Missing Release of Memory after Effective Lifetime (CVE-2022-4139)

An incorrect TLB flush issue was found in the Linux kernel's GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. This plugin only works with Tenable.ot. Please vis...

CVSS 7.8 | AI score 6.6 | EPSS 0.00252
Exploits 0 | References 4

Tenable Nessus
added 2024/11/14 12:0 a.m. | 10 views

Fedora 37 : kernel (2022-e4460c41bc)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-e4460c41bc advisory. The 6.0.11 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

CVSS 7.8 | AI score 6.8 | EPSS 0.00252
Exploits 0 | References 3

CVE
added 2024/05/14 3:51 a.m. | 50 views

CVE-2024-4139

CVE-2024-4139: SAP S/4HANA Manage Bank Statement ReProcessing Rules suffers from missing authorization checks for authenticated users, enabling privilege escalation. Affected component is the rule management module; attacker can delete other users’ rules, compromising integrity. Confidenti...

CVSS 4.3 | AI score 7.3 | EPSS 0.00286
Exploits 0 | References 2

Cvelist
added 2024/05/14 3:51 a.m. | 20 views

CVE-2024-4139 Missing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)

Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can delete rules of other users affecting the integrity of the application. Confidentiality and...

CVSS 4.3 | AI score 5.4 | EPSS 0.00286
Exploits 0 | References 2

Tenable Nessus
added 2023/11/06 12:0 a.m. | 25 views

Rocky Linux 8 : resource-agents (RLSA-2021:4139)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4139 advisory. - An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML SML...

CVSS 7.5 | AI score 7.5 | EPSS 0.03832
Exploits 1 | References 20

Tenable Nessus
added 2023/11/06 12:0 a.m. | 55 views

Rocky Linux 8 : kernel (RLSA-2023:0101)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0101 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple...

CVSS 7.8 | AI score 6.6 | EPSS 0.00294
Exploits 0 | References 5

Circl
added 2023/08/04 7:45 a.m. | 5 views

CVE-2023-4139

creationtimestamp | type | source
---|---|---
2023-08-04 07:45:53+00:00 | seen | https://t.me/cibsecurity/67750...

CVSS 7.5 | AI score 7.9 | EPSS 0.0057
Exploits 0 | References 1

NVD
added 2023/08/04 3:15 a.m. | 12 views

CVE-2023-4139

The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Sensitive Information Exposure via Directory Listing due to missing restriction in export folder indexing in versions up to, and including, 7.9.8. This makes it possible for unauthenticated attackers to list and view exported file...

CVSS 7.5 | AI score 7.4 | EPSS 0.0057
Exploits 0 | References 2

CVE
added 2023/08/04 2:4 a.m. | 44 views

CVE-2023-4139

The WP Ultimate CSV Importer plugin for WordPress is affected by CVE-2023-4139 (WP Ultimate CSV Importer) and exposes exported files via directory listing due to missing restrictions in the export folder. Affected versions are up to 7.9.8. Unauthenticated attackers could list/view exported files....

CVSS 7.5 | AI score 7.5 | EPSS 0.0057
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2023/08/04 2:4 a.m. | 20 views

CVE-2023-4139 WP Ultimate CSV Importer <= 7.9.8 - Sensitive Information Exposure via Directory Listing

The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Sensitive Information Exposure via Directory Listing due to missing restriction in export folder indexing in versions up to, and including, 7.9.8. This makes it possible for unauthenticated attackers to list and view exported file...

CVSS 7.5 | AI score 7.6 | EPSS 0.0057
Exploits 0 | References 2

Patchstack
added 2023/08/03 12:0 a.m. | 14 views

WordPress WP Ultimate CSV Importer Plugin <= 7.9.8 is vulnerable to Sensitive Data Exposure

Software: WP Ultimate CSV Importer; Type: Plugin; Vulnerable versions: <= 7.9.8; Fixed in: 7.9.9; OWASP Top 10: A3: Sensitive Data Exposure; Classification: Sensitive Data Exposure; CVE: CVE-2023-4139; Patch priority: Low; CVSS severity: Low 7.5; PSID: 438988920d4b; Credits: István Márton...

CVSS 7.5 | AI score 6.5 | EPSS 0.0057
Exploits 0 | References 3 | Affected Software 1

OpenVAS
added 2023/05/31 12:0 a.m. | 33 views

Ubuntu: Security Advisory (USN-6124-1)

The remote host is missing an update for the...

CVSS 7.8 | AI score 7.4 | EPSS 0.12966
Exploits 7 | References 2