94 matches found
CVE-2026-4236
A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. Impacted is an unknown function of the file /enrollment/index.php?view=add. Such manipulation of the argument txtsearch/deptname/name leads to SQL injection. The attack may be performed from remote. The explo...
GO-2025-4236 Finality Provider vulnerable to anti-slashing bypassing due to misconfiguration in github.com/babylonlabs-io/finality-provider
Finality Provider vulnerable to anti-slashing bypassing due to misconfiguration in github.com/babylonlabs-io/finality-provider...
EUVD-2025-4236
Malicious code in bioql PyPI...
MINI-4939-CGP2-4236
Bulletin has no description...
TencentOS Server 4: bind (TSSA-2024:0612)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0612 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2022-4236
The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file via an AJAX action available to any authenticated users, which could allow users with a role as low as subscriber to read arbitrary files on the server...
CVE-2025-4236
creationtimestamp| type| source
---|---|---
2025-05-03 14:17:45+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14694
2025-05-03 15:03:27+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lobmcsg56bz2
2025-05-03...
CVE-2025-4236
A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this vulnerability is an unknown functionality of the component MDIR Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to...
CVE-2025-4236 PCMan FTP Server MDIR Command buffer overflow
A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this vulnerability is an unknown functionality of the component MDIR Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to...
CVE-2025-4236
The CVE-2025-4236 entry concerns PCMan FTP Server 2.0.7, where the MDIR Command Handler allows a remote attacker to trigger a buffer overflow. Multiple sources (NVD, CNVD, RH, CN) identify an attacker-controlled input causing overflow, with remote exploitation and publicly disclosed exploit infor...
CVE-2024-4236
creationtimestamp| type| source
---|---|---
2024-04-26 21:23:06+00:00| seen| https://t.me/darkcommunityofficial/458...
CVE-2024-4236 Tenda AX1803 SetDDNSCfg formSetSysToolDDNS stack-based overflow
A vulnerability, which was classified as critical, has been found in Tenda AX1803 1.0.0.1. This issue affects the function formSetSysToolDDNS of the file /goform/SetDDNSCfg. The manipulation of the argument serverName/ddnsUser/ddnsPwd/ddnsDomain leads to stack-based buffer overflow. The attack ma...
Fedora 39 : bind / bind-dyndb-ldap (2023-b4acb0f7c6)
The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-b4acb0f7c6 advisory. BIND 9.18.19 Security Fixes - Previously, sending a specially crafted message over the control channel could cause the packet-parsing code to run o...
Rocky Linux 8 : tcpdump (RLSA-2021:4236)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4236 advisory. - The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. CVE-2020-8037 Note that Nessus has not tested for this issue but h...
Fedora: Security Advisory for bind-dyndb-ldap (FEDORA-2023-87502c4a93)
The remote host is missing an update for the...
Fedora: Security Advisory for bind (FEDORA-2023-87502c4a93)
The remote host is missing an update for the...
Fedora: Security Advisory for bind-dyndb-ldap (FEDORA-2023-a2621f58a9)
The remote host is missing an update for the...
Debian: Security Advisory (DSA-5504-1)
The remote host is missing an update for the Debian...
Debian DSA-5504-1 : bind9 - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5504 advisory. Several vulnerabilities were discovered in BIND, a DNS server implementation. CVE-2023-3341 A stack exhaustion flaw was discovered in the control channel cod...
Vulnerabilities fixed in ISC BIND
ISC has fixed vulnerabilities in BIND. A malicious party can exploit the vulnerabilities to cause a denial-of-service. The vulnerability with reference CVE-2023-3341 is located in the way in which control channel messages are processed. If too large messages, the named process can...