86 matches found
CVE-2011-4249
Array index error in the RV30 codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors...
CVE-2012-4249
The Amazon Lab126 com.lab126.system sendEvent implementation on the Kindle Touch before 5.1.2 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a string, as demonstrated by using lipc-set-prop to set an LIPC property, a different vulnerability than...
CVE-2025-4249

creationtimestamp | type | source
---|---|---
2025-05-04 09:00:26+00:00 | published-proof-of-concept | Telegram/Wpk3-CuMqWAZQbrqYi-RvpMPTLF5KyNJIQvW2Yu0PYrESA
2025-05-04 10:10:59+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lodmgs7ck52h
2025-05-04 10:36:19+00:00 | exploited | ...

CVE-2025-4249
A vulnerability was found in PHPGurukul e-Diary Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /manage-categories.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit h...
CVE-2025-4249
CVE-2025-4249 affects PHPGurukul e-Diary Management System 1.0, targeting the /manage-categories.php functionality. The root cause is an SQL injection caused by manipulation of the ID argument, with remote attack potential. Multiple sources confirm the vulnerability and public disclosure of explo...
CVE-2025-4249 PHPGurukul e-Diary Management System manage-categories.php sql injection
A vulnerability was found in PHPGurukul e-Diary Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /manage-categories.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit h...
RHEL 8 : c-ares (RHSA-2024:4249)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4249 advisory. The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides a name resolving API. Security Fixes: c-ares: Out of bounds read...
CVE-2023-4249
CVE-2023-4249 affects Zavio IP Cameras CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 with firmware version M2.1.6.05. The vulnerability is an OS command injection in the cameras’ handling of network requests and binaries, potentially enabling remote code ...
CVE-2023-4249

creationtimestamp | type | source
---|---|---
2023-09-07 11:11:46+00:00 | published-proof-of-concept | https://t.me/truesecator/4819
2023-09-08 00:21:06+00:00 | published-proof-of-concept | https://t.me/thebugbountyhunter/7755
2023-09-09 00:22:29+00:00 | seen | https://t.me/thebugbountyhunter/7758...

CVE-2021-4249

creationtimestamp | type | source
---|---|---
2022-12-18 18:40:54+00:00 | seen | https://t.me/cibsecurity/54826...

CVE-2021-4249
A vulnerability was found in xml-conduit. It has been classified as problematic. Affected is an unknown function of the file xml-conduit/src/Text/XML/Stream/Parse.hs of the component DOCTYPE Entity Expansion Handler. The manipulation leads to infinite loop. It is possible to launch the attack...
CVE-2021-4249 xml-conduit DOCTYPE Entity Expansion Parse.hs infinite loop
A vulnerability was found in xml-conduit. It has been classified as problematic. Affected is an unknown function of the file xml-conduit/src/Text/XML/Stream/Parse.hs of the component DOCTYPE Entity Expansion Handler. The manipulation leads to infinite loop. It is possible to launch the attack...
CVE-2021-4249
CVE-2021-4249 affects the Haskell library xml-conduit. The issue lies in the DOCTYPE Entity Expansion Handler within xml-conduit/src/Text/XML/Stream/Parse.hs, where manipulation can cause an infinite loop. It is possible to trigger the issue remotely. Public details consistently recommend upgradi...
CVE-2022-4249
CVE-2022-4249 affects the Movie Ticket Booking System. Affected component: POST Request Handler. Root cause: manipulation of the ORDER_ID argument leads to a Cross-Site Scripting (XSS) vulnerability. Impact: allows remote exploitation; attacker can inject script via ORDER_ID. Public exploit/usage...
CVE-2022-4249 Movie Ticket Booking System POST Request cross site scripting
A vulnerability, which was classified as problematic, was found in Movie Ticket Booking System. Affected is an unknown function of the component POST Request Handler. The manipulation of the argument ORDERID leads to cross site scripting. It is possible to launch the attack remotely. The exploit...
SUSE: Security Advisory (SUSE-SU-2012:0115-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2012:0115-2)
The remote host is missing an update for the ...
CVE-2020-4249
CVE-2020-4249 affects IBM Security Identity Governance and Intelligence (IGI) Virtual Appliance 5.2.6. The issue is an authorization flaw that could disclose highly sensitive information to other authenticated users. Impact is explicit: confidentiality compromise (PARTIAL to HIGH) per CVSS metric...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-4249)
Summary: IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to a security vulnerability. The Virtual Appliance could disclose highly sensitive information to other authenticated users on the system. Vulnerability Details: CVEID: CVE-2020-4249 DESCRIPTIO...
Ubuntu: Security Advisory (USN-4249-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...