CVE-2026-33786 Junos OS: SRX1600, SRX2300, SRX4300: When a specific show command is executed chassisd crashes

An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon chassisd of Juniper Networks Junos OS on SRX1600, SRX2300 and SRX4300 allows a local attacker with low privileges to cause a complete Denial of Service DoS. When a specific 'show chassis' CLI comma...

CVE-2026-4300

creationtimestamp| type| source ---|---|--- 2026-04-08 10:51:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3miy4s7jhqh23...

EUVD-2026-4300

Managed Switch Port Mapping Tool 2.85.2 contains a denial of service vulnerability that allows attackers to crash the application by creating an oversized buffer. Attackers can generate a 10,000-character buffer and paste it into the IP Address and SNMP Community Name fields to trigger the...

EUVD-2007-4039

Malware in sbrugna...

ECHO-4300-2F45-76EB

Bulletin has no description...

DLA-4300-1 shibboleth-sp - security update

Bulletin has no description...

CVE-2025-4300

creationtimestamp| type| source ---|---|--- 2025-05-06 00:19:45+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15013 2025-05-06 03:01:09+00:00| published-proof-of-concept| Telegram/Ex08nW809hfereTxVuzlVNPEWgKV-gkxUk0XTpKZHG8ORKo 2025-05-06 04:16:07+00:00| seen|...

CVE-2025-4300

A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Affected is an unknown function of the file /searchlist.php. The manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-4300 itsourcecode Content Management System search_list.php sql injection

A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Affected is an unknown function of the file /searchlist.php. The manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

Linux Distros Unpatched Vulnerability : CVE-2018-4300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web...

Linux Distros Unpatched Vulnerability : CVE-2018-4700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-4300. Reason: This candidate is a duplicate of CVE-2018-4300. Notes: All CVE users shoul...

CVE-2024-4300

E-WEBInformationCo. FS-EZViewerWeb exposes sensitive information in the service. A remote attacker can obtain the database configuration file path through the webpage source code without login. Accessing this path allows attacker to obtain the database credential with the highest privilege and...

CVE-2024-4300

Summary of CVE-2024-4300 (FS-EZViewer(Web)) Affected software: E‑WEBInformationCo. FS‑EZViewer(Web). What is vulnerable: exposed sensitive information through the service; the page source reveals the database configuration file path without authentication, enabling access to credentials and datab...

CVE-2024-4300 E-WEBInformationCo. FS-EZViewer(Web) - Sensitive Data Exposure

E-WEBInformationCo. FS-EZViewerWeb exposes sensitive information in the service. A remote attacker can obtain the database configuration file path through the webpage source code without login. Accessing this path allows attacker to obtain the database credential with the highest privilege and...

Malicious code in wlwz-2312-4300 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9980f9c3175ff391d04001bff3f5e5cb9043ad54020e9783fe64f85bab88de02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-557 Malicious code in wlwz-2312-4300 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9980f9c3175ff391d04001bff3f5e5cb9043ad54020e9783fe64f85bab88de02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

WordPress Import XML and RSS Feeds Plugin < 2.1.4 is vulnerable to Arbitrary File Upload

Software Import XML and RSS Feeds Type Plugin Vulnerable versions 2.1.4 Fixed in 2.1.4 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-4300 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID c89e25140dca Credits Jonatas Souza Villa Flor Required...

CVE-2023-4300

The Import XML and RSS Feeds WordPress plugin before 2.1.4 does not filter file extensions for uploaded files, allowing an attacker to upload a malicious PHP file, leading to Remote Code Execution...

CVE-2023-4300

The CVE-2023-4300 entry concerns the WordPress plugin Import XML and RSS Feeds, prior to version 2.1.4. The root cause is failure to filter file extensions for uploaded files, enabling an attacker to upload a PHP file and achieve Remote Code Execution. Public details across sources confirm the af...

CVE-2023-4300 Import XML and RSS Feeds < 2.1.4 - Admin+ Arbitrary File Upload

The Import XML and RSS Feeds WordPress plugin before 2.1.4 does not filter file extensions for uploaded files, allowing an attacker to upload a malicious PHP file, leading to Remote Code Execution...