75 matches found
EUVD-2026-4280
In the Linux kernel, the following vulnerability has been resolved: nfsd: check that server is running in unlockfilesystem If we are trying to unlock the filesystem via an administrative interface and nfsd isn't running, it crashes the server. This happens currently because nfsd4revokestates acce...
DLA-4280-1 unbound - security update
Bulletin has no description...
CVE-2024-4280
The White Label CMS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the resetplugin function in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated attackers to reset plugin settings...
CVE-2025-4280
creationtimestamp| type| source ---|---|--- 2025-05-22 10:43:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17264 2025-05-22 11:30:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpqzbcplpm2w...
CVE-2025-4280
MacOS version of Poedit bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...
CVE-2025-4280
Poedit on macOS is affected by CVE-2025-4280 due to a bundled Python interpreter inheriting the app’s TCC permissions. A local attacker can invoke the interpreter to run arbitrary commands using those granted permissions to access files in privacy-protected folders without user prompts, potential...
CVE-2025-4280 TCC Bypass via Inherited Permissions in Bundled Interpreter in Poedit.app
MacOS version of Poedit bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...
CVE-2025-4280 TCC Bypass via Inherited Permissions in Bundled Interpreter in Poedit.app
MacOS version of Poedit bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...
Linux Distros Unpatched Vulnerability : CVE-2013-4280
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insecure temporary file vulnerability in RedHat vsdm 4.9.6. CVE-2013-4280 Note that Nessus relies on the presence of the package as reported by the vendor...
CVE-2024-4280
The White Label CMS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the resetplugin function in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated attackers to reset plugin settings...
WordPress White Label CMS Plugin <= 2.7.3 is vulnerable to Broken Access Control
Software White Label CMS Type Plugin Vulnerable versions = 2.7.3 Fixed in 2.7.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4280 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID a368614cfe17 Credits Krzysztof Zając Required...
CVE-2023-4280
creationtimestamp| type| source ---|---|--- 2024-01-02 18:26:57+00:00| seen| https://t.me/ctinow/161943 2024-01-03 01:35:59+00:00| seen| https://t.me/cibsecurity/74185 2024-01-23 07:52:00+00:00| seen| https://t.me/ctinow/171754 2025-06-13 19:35:03+00:00| published-proof-of-concept|...
CVE-2023-4280 Unvalidated input in Silicon Labs TrustZone implementation leads to accessing Trusted memory region
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region...
CVE-2023-4280 Unvalidated input in Silicon Labs TrustZone implementation leads to accessing Trusted memory region
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region...
CVE-2023-4280
Silicon Labs Gecko SDK, v4.3.x and earlier, contains an unvalidated input issue in the TrustZone implementation that lets an attacker access the trusted memory region from the untrusted region. Affected component: TrustZone in Gecko SDK. Root cause: unvalidated input allowing cross-region access....
CVE-2021-4280
creationtimestamp| type| source ---|---|--- 2022-12-25 22:40:10+00:00| seen| https://t.me/cibsecurity/55308...
CVE-2021-4280
A vulnerability was found in stylerpraatscripts. It has been classified as problematic. Affected is an unknown function of the file filesegmenter.praat of the component Slash Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The name of the patch ...
CVE-2021-4280 styler_praat_scripts Slash file_segmenter.praat denial of service
A vulnerability was found in stylerpraatscripts. It has been classified as problematic. Affected is an unknown function of the file filesegmenter.praat of the component Slash Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The name of the patch ...
CVE-2021-4280 styler_praat_scripts Slash file_segmenter.praat denial of service
A vulnerability was found in stylerpraatscripts. It has been classified as problematic. Affected is an unknown function of the file filesegmenter.praat of the component Slash Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The name of the patch ...
CVE-2021-4280
CVE-2021-4280 affects the styler_praat_scripts component, specifically the file_segmenter.praat within the Slash Handler. The vulnerability arises from an unknown function in that file, enabling remote denial of service without affecting confidentiality or integrity (Impact: Availability, as per ...