Lucene search
K

75 matches found

EUVD
EUVD
added 2026/01/23 3:24 p.m.3 views

EUVD-2026-4280

In the Linux kernel, the following vulnerability has been resolved: nfsd: check that server is running in unlockfilesystem If we are trying to unlock the filesystem via an administrative interface and nfsd isn't running, it crashes the server. This happens currently because nfsd4revokestates acce...

5.2AI score0.00115EPSS
Exploits0References4
OSV
OSV
added 2025/08/24 12:0 a.m.6 views

DLA-4280-1 unbound - security update

Bulletin has no description...

8.7CVSS6.2AI score0.01729EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 8:40 a.m.8 views

CVE-2024-4280

The White Label CMS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the resetplugin function in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated attackers to reset plugin settings...

5.3CVSS6.7AI score0.00425EPSS
Exploits0References1
Circl
Circl
added 2025/05/22 10:43 a.m.24 views

CVE-2025-4280

creationtimestamp| type| source ---|---|--- 2025-05-22 10:43:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17264 2025-05-22 11:30:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpqzbcplpm2w...

4.8CVSS4.8AI score0.00148EPSS
Exploits0References2
NVD
NVD
added 2025/05/22 10:15 a.m.18 views

CVE-2025-4280

MacOS version of Poedit bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...

4.8CVSS0.00148EPSS
Exploits0References5
CVE
CVE
added 2025/05/22 9:59 a.m.60 views

CVE-2025-4280

Poedit on macOS is affected by CVE-2025-4280 due to a bundled Python interpreter inheriting the app’s TCC permissions. A local attacker can invoke the interpreter to run arbitrary commands using those granted permissions to access files in privacy-protected folders without user prompts, potential...

4.8CVSS6.7AI score0.00148EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/05/22 9:59 a.m.8 views

CVE-2025-4280 TCC Bypass via Inherited Permissions in Bundled Interpreter in Poedit.app

MacOS version of Poedit bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...

4.8CVSS6.8AI score0.00148EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/05/22 9:59 a.m.21 views

CVE-2025-4280 TCC Bypass via Inherited Permissions in Bundled Interpreter in Poedit.app

MacOS version of Poedit bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...

4.8CVSS0.00148EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2013-4280

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insecure temporary file vulnerability in RedHat vsdm 4.9.6. CVE-2013-4280 Note that Nessus relies on the presence of the package as reported by the vendor...

5.5CVSS7.1AI score0.00422EPSS
Exploits1References1
NVD
NVD
added 2024/05/14 3:43 p.m.20 views

CVE-2024-4280

The White Label CMS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the resetplugin function in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated attackers to reset plugin settings...

5.3CVSS5.5AI score0.00425EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/05/10 12:0 a.m.12 views

WordPress White Label CMS Plugin <= 2.7.3 is vulnerable to Broken Access Control

Software White Label CMS Type Plugin Vulnerable versions = 2.7.3 Fixed in 2.7.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4280 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID a368614cfe17 Credits Krzysztof Zając Required...

5.3CVSS6.6AI score0.00425EPSS
Exploits0References3Affected Software1
Circl
Circl
added 2024/01/02 6:26 p.m.4 views

CVE-2023-4280

creationtimestamp| type| source ---|---|--- 2024-01-02 18:26:57+00:00| seen| https://t.me/ctinow/161943 2024-01-03 01:35:59+00:00| seen| https://t.me/cibsecurity/74185 2024-01-23 07:52:00+00:00| seen| https://t.me/ctinow/171754 2025-06-13 19:35:03+00:00| published-proof-of-concept|...

9.8CVSS8.7AI score0.00403EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/01/02 4:52 p.m.35 views

CVE-2023-4280 Unvalidated input in Silicon Labs TrustZone implementation leads to accessing Trusted memory region

An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region...

9.3CVSS9.6AI score0.00403EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/02 4:52 p.m.7 views

CVE-2023-4280 Unvalidated input in Silicon Labs TrustZone implementation leads to accessing Trusted memory region

An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region...

9.3CVSS9.4AI score0.00403EPSS
Exploits0References2
CVE
CVE
added 2024/01/02 4:52 p.m.58 views

CVE-2023-4280

Silicon Labs Gecko SDK, v4.3.x and earlier, contains an unvalidated input issue in the TrustZone implementation that lets an attacker access the trusted memory region from the untrusted region. Affected component: TrustZone in Gecko SDK. Root cause: unvalidated input allowing cross-region access....

9.8CVSS9.3AI score0.00403EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2022/12/25 10:40 p.m.6 views

CVE-2021-4280

creationtimestamp| type| source ---|---|--- 2022-12-25 22:40:10+00:00| seen| https://t.me/cibsecurity/55308...

6.5CVSS4.8AI score0.0068EPSS
Exploits0References1
NVD
NVD
added 2022/12/25 8:15 p.m.18 views

CVE-2021-4280

A vulnerability was found in stylerpraatscripts. It has been classified as problematic. Affected is an unknown function of the file filesegmenter.praat of the component Slash Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The name of the patch ...

6.5CVSS0.0068EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/12/25 7:51 p.m.4 views

CVE-2021-4280 styler_praat_scripts Slash file_segmenter.praat denial of service

A vulnerability was found in stylerpraatscripts. It has been classified as problematic. Affected is an unknown function of the file filesegmenter.praat of the component Slash Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The name of the patch ...

4.3CVSS6.5AI score0.0068EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/12/25 7:51 p.m.21 views

CVE-2021-4280 styler_praat_scripts Slash file_segmenter.praat denial of service

A vulnerability was found in stylerpraatscripts. It has been classified as problematic. Affected is an unknown function of the file filesegmenter.praat of the component Slash Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The name of the patch ...

4.3CVSS6.7AI score0.0068EPSS
Exploits0References3
CVE
CVE
added 2022/12/25 7:51 p.m.56 views

CVE-2021-4280

CVE-2021-4280 affects the styler_praat_scripts component, specifically the file_segmenter.praat within the Slash Handler. The vulnerability arises from an unknown function in that file, enabling remote denial of service without affecting confidentiality or integrity (Impact: Availability, as per ...

6.5CVSS5.4AI score0.0068EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder