CVE-2026-4142

creationtimestamp| type| source ---|---|--- 2026-04-25 19:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mkdrtpj3at2c...

CVE-2017-4142

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none...

MiracleLinux 4 : wpa_supplicant-0.7.3-6.AXS4 (AXSA:2015-341:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-341:01 advisory. wpasupplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. Supplicant is the IEEE 802.1X/WPA component tha...

CVE-2012-4142

Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, ignores some characters in HTML documents in unspecified circumstances, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via a crafted document...

CVE-2011-4142

The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files...

CVE-2025-4142

A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. This vulnerability affects the function sub3C8EC. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but di...

CVE-2025-4142 Netgear EX6200 sub_3C8EC buffer overflow

A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. This vulnerability affects the function sub3C8EC. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but di...

CVE-2025-4142

creationtimestamp| type| source ---|---|--- 2025-04-30 15:12:03+00:00| seen| https://infosec.exchange/users/vuldb/statuses/114427554904223230 2025-04-30 23:14:30+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14191 2025-04-30 23:48:34+00:00| seen|...

CVE-2024-4142

An Improper input validation vulnerability that could potentially lead to privilege escalation was discovered in JFrog Artifactory. Due to this vulnerability, users with low privileges may gain administrative access to the system. This issue can also be exploited in Artifactory platforms with...

CVE-2024-4142

An Improper input validation vulnerability that could potentially lead to privilege escalation was discovered in JFrog Artifactory. Due to this vulnerability, users with low privileges may gain administrative access to the system. This issue can also be exploited in Artifactory platforms with...

CVE-2024-4142 JFrog Artifactory Improper input validation within token creation flow

An Improper input validation vulnerability that could potentially lead to privilege escalation was discovered in JFrog Artifactory. Due to this vulnerability, users with low privileges may gain administrative access to the system. This issue can also be exploited in Artifactory platforms with...

CVE-2023-4142

creationtimestamp| type| source ---|---|--- 2023-08-04 07:45:36+00:00| seen| Telegram/j6Jxn-QawNvdupY3wHUvEEM511yZJfE1SwO-u04tJ4io6UQ...

CVE-2023-4142 WP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) Remote Code Execution

The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the '-cus1' parameter. This allows authenticated attackers with author-level permissions or above, if the administrator previously grants access in the plugin...

WordPress WP Ultimate CSV Importer Plugin <= 7.9.8 is vulnerable to Remote Code Execution (RCE)

Software WP Ultimate CSV Importer Type Plugin Vulnerable versions = 7.9.8 Fixed in 7.9.9 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2023-4142 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID a395389d1982 Credits István Márton Required...

SUSE CVE-2016-4142

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083...

CVE-2022-4142

creationtimestamp| type| source ---|---|--- 2023-01-03 00:16:57+00:00| seen| https://t.me/cibsecurity/55760...

CVE-2022-4142

The CVE-2022-4142 entry concerns the WordPress Filter Gallery Plugin (before 0.1.6). Affected component: the ufg_gallery_filters AJAX action that does not properly escape user-supplied filters before rendering on the settings page. Root cause: insufficient escaping enables a high-privileged user ...

CVE-2022-4142 WordPress Filter Gallery Plugin < 0.1.6 - Admin+ Stored XSS

The WordPress Filter Gallery Plugin WordPress plugin before 0.1.6 does not properly escape the filters passed in the ufggalleryfilters ajax action before outputting them on the page, allowing a high privileged user such as an administrator to inject HTML or javascript to the plugin settings page,...

SUSE: Security Advisory (SUSE-SU-2022:4142-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-4142

CVE-2021-4142 affects the Candlepin component of Red Hat Satellite, describing an improper authentication flaw where a local attacker could leverage a valid SCA certificate to authenticate with Candlepin. The public documents report a CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) with a b...