Photon OS 5.0: Libpng PHSA-2026-5.0-0802

An update of the libpng package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0802. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2026-4214 D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Setting stack-based overflow

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...

CVE-2026-4214

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...

CVE-2026-4214

creationtimestamp| type| source ---|---|--- 2026-03-15 12:10:12+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116233116826289548 2026-03-22 01:40:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mhmfzsqvxo23...

PT-2026-25566

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function UPnP AV Server...

CVE-2021-4214

creationtimestamp| type| source ---|---|--- 2025-12-07 21:52:33+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3m7gisw73ak2i...

Debian: Security Advisory (DLA-4214-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-4214

A vulnerability was found in PHPGuruku Online DJ Booking Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/booking-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiat...

CVE-2025-4214 PHPGuruku Online DJ Booking Management System booking-bwdates-reports-details.php sql injection

A vulnerability was found in PHPGuruku Online DJ Booking Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/booking-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiat...

CVE-2024-4214

CVE-2024-4214 is a Basic XSS vulnerability in the WordPress Cardealer plugin (Car Dealer). The connected documents indicate an improper neutralization of script-related HTML tags in a Car Dealer web page, affecting the plugin versions up to 4.15. The sources do not provide concrete attack vectors...

CVE-2024-4214 WordPress cardealer plugin <= 4.15 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Bill Minozzi Car Dealer allows Code Injection.This issue affects Car Dealer: from n/a through 4.15...

WordPress Car Dealer Plugin <= 4.15 is vulnerable to Content Injection

Software Car Dealer Type Plugin Vulnerable versions = 4.15 Fixed in 4.16 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-4214 Patch priority Low CVSS severity Low 2.7 Developer Claim ownership PSID 9f6801c987d5 Credits Yash Chauhan Required privilege Administrator Publish...

CVE-2019-4214

creationtimestamp| type| source ---|---|--- 2024-02-26 17:16:29+00:00| seen| https://t.me/ctinow/193516...

CVE-2023-4214

The AppPresser plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 4.2.5. This is due to the plugin generating too weak a reset code, and the code used to reset the password has no attempt or time limit...

CVE-2023-4214 AppPresser <= 4.2.5 - Insecure Password Reset Mechanism

The AppPresser plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 4.2.5. This is due to the plugin generating too weak a reset code, and the code used to reset the password has no attempt or time limit...

CVE-2023-4214

The AppPresser WordPress plugin (AppPresser – Mobile App Framework) contains an unauthorized password reset vulnerability in versions up to and including 4.2.5 caused by a too-weak reset code with no attempt or time limits. This can enable password resets by unauthenticated actors. Public sources...

CVE-2022-4214

creationtimestamp| type| source ---|---|--- 2023-11-10 22:38:42+00:00| seen| https://t.me/arpsyndicate/70...

SUSE: Security Advisory (SUSE-SU-2023:4214-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-2260-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-4214

CVE-2022-4214 affects the WordPress Chained Quiz plugin up to version 1.3.2.3. The vulnerability is a Reflected Cross-Site Scripting (XSS) via the ip parameter on the chainedquiz_list page caused by insufficient input sanitization and output escaping. Exploitation requires user interaction (e.g.,...