84 matches found
RHEL 9 : python-pyasn1 (RHSA-2026:4143)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4143 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
EUVD-2026-4143
SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system administrator accounts. An...
CVE-2023-4143
creationtimestamp | type | source
---|---|---
2025-08-22 02:48:14+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lwxgyfswes2t...
CVE-2022-4143
An issue has been discovered in GitLab affecting all versions starting from 15.7 before 15.8.5, from 15.9 before 15.9.4, and from 15.10 before 15.10.1 that allows for crafted, unapproved MRs to be introduced and merged without authorization...
CVE-2012-4143
Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, allows user-assisted remote attackers to trick users into downloading and executing arbitrary files via a small window for the download dialog, a different vulnerability than CVE-2012-1924...
CVE-2025-4143
The OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp, did not correctly validate that redirect_uri was on the allowed list of redirect URIs for the given client registration. Fixed in: ...
CVE-2025-4143
creationtimestamp | type | source
---|---|---
2025-05-01 01:13:33+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/14210
2025-05-01 01:56:11+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lo37f5g75v2e
2025-05-01 04:48:02+00:00 | seen | ...
CVE-2025-4143 Missing validation of redirect_uri on authorize endpoint
The OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp, did not correctly validate that redirect_uri was on the allowed list of redirect URIs for the given client registration. Fixed in: ...
CVE-2024-4143
creationtimestamp | type | source
---|---|---
2024-07-16 01:13:06+00:00 | seen | https://t.me/cvedetector/910...
CVE-2022-4143
creationtimestamp | type | source
---|---|---
2023-06-29 00:13:24+00:00 | seen | https://t.me/cibsecurity/65689...
CVE-2022-4143
GitLab CVE-2022-4143 affects all versions starting from 15.7 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. The issue allows crafted, unapproved merge requests (MRs) to be introduced and merged without authorization. Connected documents consistently describe this as a vulnerability ...
CVE-2022-4143
An issue has been discovered in GitLab affecting all versions starting from 15.7 before 15.8.5, from 15.9 before 15.9.4, and from 15.10 before 15.10.1 that allows for crafted, unapproved MRs to be introduced and merged without authorization...
CVE-2022-4143
Removed by vendor...
SUSE CVE-2009-4143
PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive...
SUSE CVE-2016-4143
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083...
RHEL 7 : OCS 3.11.z async (RHSA-2020:4143)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4143 advisory. Red Hat OpenShift Container Storage (OCS) is a provider of agnostic persistent storage for OpenShift Container Platform either in-house or in a...
Mageia: Security Advisory (MGASA-2013-0225)
The remote host is missing an update for the...
Mageia: Security Advisory (MGASA-2016-0228)
The remote host is missing an update for the...
CVE-2021-4143
Cross-site Scripting (XSS) - Generic in GitHub repository bigbluebutton/bigbluebutton prior to 2.4.0...
CVE-2021-4143
CVE-2021-4143 affects the open‑source web conferencing platform BigBlueButton prior to 2.4.0. The vulnerability is a generic Cross-site Scripting (XSS) due to lack of proper validation of client‑side data by the web application, enabling injection of arbitrary JavaScript in other users’ browsers ...