98 matches found
org.webjars.npm:github-com-aws-amazon-cognito-identity-js (=1.12.0) potentially affected by CVE-2026-4258 via org.webjars.npm:sjcl (=1.0.8)
org.webjars.npm:sjcl MAVEN version =1.0.8 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:sjcl and may be impacted: - org.webjars.npm:github-com-aws-amazon-cognito-identity-js =1.12.0 Source cves: CVE-2026-4258 Source advisory:...
Linux Distros Unpatched Vulnerability : CVE-2021-4258
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in whohas. It has been rated as problematic. This issue affects some unknown processing of the component Package Information Handler...
CVE-2025-4258
A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu up to 4.2.0. Affected is the function Upload of the file \youkefu-master\src\main\java\com\ukefu\webim\web\handler\resource\MediaController.java. The manipulation of the argument imgFile leads to unrestricted...
CVE-2025-4258
creationtimestamp | type | source
---|---|---
2025-05-05 02:03:37+00:00 | seen | https://bsky.app/profile/potato.software/post/3lofboavsic2i
2025-05-05 02:18:57+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/14821
2025-05-05 05:50:23+00:00 | exploited | ...
CVE-2025-4258 zhangyanbo2007 youkefu MediaController.java upload unrestricted upload
A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu up to 4.2.0. Affected is the function Upload of the file \youkefu-master\src\main\java\com\ukefu\webim\web\handler\resource\MediaController.java. The manipulation of the argument imgFile leads to unrestricted...
Linux Distros Unpatched Vulnerability : CVE-2010-4258
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass...
Adobe Digital Editions < 4.5.2 Multiple Vulnerabilities (APSB16-28) (macOS)
The version of Adobe Digital Editions installed on the remote macOS host is prior to 4.5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB16-28 advisory. - Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary...
CVE-2024-4258
CVE-2024-4258 affects the WordPress plugin “Video Gallery – YouTube Playlist, Channel Gallery by YotuWP” (versions up to and including 1.3.13). The vulnerability is a Local File Inclusion via the settings parameter, allowing unauthenticated attackers to include and execute arbitrary PHP files on ...
CVE-2024-4258 Video Gallery – YouTube Playlist, Channel Gallery by YotuWP <= 1.3.13 - Unauthenticated Local File Inclusion
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the settings parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the...
CVE-2024-2875
Rejected reason: REJECT Duplicate reservation. Please use CVE-2024-4258 instead...
CGA-2X74-XRG3-4258
Bulletin has no description...
Oracle Linux 8 : tigervnc (ELSA-2024-3067)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3067 advisory. - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20388 - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap...
CVE-2023-4258
creationtimestamp | type | source
---|---|---
2023-09-26 02:39:30+00:00 | seen | https://t.me/cibsecurity/71031...
CVE-2023-4258
In the Bluetooth mesh implementation, if the provisionee has a public key that is sent OOB, then during provisioning it can be sent back and will be accepted by the provisionee...
CVE-2023-4258
CVE-2023-4258 affects Zephyr RTOS Bluetooth mesh provisioning: an insecure handling in the provisionee’s provisioning protocol allows an OOB public key, if provided, to be echoed back and accepted during provisioning. This description comes from multiple sources noting that the OOB key can be sen...
CVE-2023-4258 bt: mesh: vulnerability in provisioning protocol implementation on provisionee side
In the Bluetooth mesh implementation, if the provisionee has a public key that is sent OOB, then during provisioning it can be sent back and will be accepted by the provisionee...
SUSE CVE-2014-4258
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC...
CVE-2022-4258 Hima: Unquoted path vulnerabilities in HIMA PC based Software
In multiple versions of HIMA PC based Software an unquoted Windows search path vulnerability might allow local users to gain privileges via a malicious .exe file and gain full access to the system...
CVE-2022-4258
CVE-2022-4258 affects HIMA PC based Software with an unquoted Windows search path vulnerability that could allow a local user to gain privileges via a malicious .exe, potentially full system access. Root cause: unquoted path handling in the Windows search path. Documented impact in provided sourc...