107 matches found

Circl
added 2026/03/22 3:16 a.m., 3 views

CVE-2026-4314

creationtimestamp | type | source
---|---|---
2026-03-22 03:16:26+00:00 | seen | https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-4314
2026-03-22 04:21:14+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mhmoztmke62h
2026-03-22 05:59:40+00:00 | seen | ...

8.8 CVSS | 5.8 AI score | 0.0006 EPSS
Exploits: 0 | References: 3

EUVD
added 2026/01/23 2:29 p.m., 1 views

EUVD-2026-4314

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in saeros1984 Neoforum neoforum allows Blind SQL Injection. This issue affects Neoforum: from n/a through = 1.0...

7.2 CVSS | 5.6 AI score | 0.00017 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/16 12:0 a.m., 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004314)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004314 advisory. A flaw was found in the Linux kernel in the function hid_debug_events_read in the drivers/hid/hid-debug.c file, which may enter an infinite loop with certain parameters pass...

4.9 CVSS | 6.1 AI score | 0.00009 EPSS
Exploits: 0 | References: 3

RedhatCVE
added 2026/01/09 12:32 p.m., 12 views

CVE-2023-4314

The wpDataTables WordPress plugin before 2.1.66 does not validate the "Serialized PHP array" input data before deserializing the data. This allows admins to deserialize arbitrary data which may lead to remote code execution if a suitable gadget chain is present on the server. This is impactful in...

7.2 CVSS | 8.1 AI score | 0.06706 EPSS
Exploits: 2 | References: 1

RedhatCVE
added 2026/01/09 11:54 a.m., 14 views

CVE-2009-4314

Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group Hotdesking (AMGH) is enabled, responds to a logout action by immediately logging the user in again, which makes it easier for physically proximate attackers to obtain access to a session by going to an unattended DTU device...

4.4 CVSS | 6.8 AI score | 0.00051 EPSS
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2010-4314

Malware in sbrugna...

7.8 CVSS | 7.4 AI score | 0.06508 EPSS
Exploits: 4 | References: 34

Tenable Nessus
added 2025/08/30 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2018-4314

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows,...

8.8 CVSS | 7.7 AI score | 0.40697 EPSS
Exploits: 2 | References: 2

RedhatCVE
added 2025/05/22 3:45 a.m., 3 views

CVE-2018-4314

A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...

8.8 CVSS | 6.2 AI score | 0.40697 EPSS
Exploits: 2 | References: 1

Circl
added 2025/05/06 5:20 a.m., 10 views

CVE-2025-4314

creationtimestamp | type | source
---|---|---
2025-05-06 05:20:02+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/15057
2025-05-06 06:21:10+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3loiajnoofm2h
2025-05-06 08:00:49+00:00 | published-proof-of-concept | ...

9.8 CVSS | 7.1 AI score | 0.00295 EPSS
Exploits: 1 | References: 3

Vulnrichment
added 2025/05/06 4:31 a.m., 7 views

CVE-2025-4314 SourceCodester Advanced Web Store index.php sql injection

A vulnerability has been found in SourceCodester Advanced Web Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument txtLogin leads to sql injection. The attack can be launched remotely. The...

7.5 CVSS | 7.5 AI score | 0.00295 EPSS
Exploits: 1 | References: 5

CVE
added 2025/05/06 4:31 a.m., 57 views

CVE-2025-4314

CVE-2025-4314 affects SourceCodester Advanced Web Store 1.0. The vulnerability is an SQL injection in the admin/index.php file via the txtLogin parameter, arising from improper input handling. It is exploitable remotely and has been publicly disclosed. Documented impacts indicate potential compro...

9.8 CVSS | 7.5 AI score | 0.00295 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

Tenable Nessus
added 2024/11/04 12:0 a.m., 12 views

RHEL 5 : JBoss Enterprise Web Platform 5.1.2 update (Low) (RHSA-2011:1803)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1803 advisory. The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and ric...

5.8 CVSS | 5.6 AI score | 0.00555 EPSS
Exploits: 1 | References: 8

Vulnrichment
added 2024/05/09 8:3 p.m., 10 views

CVE-2024-4314 hostel <= 1.1.5.3 - Cross-Site Request Forgery

The Hostel plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5.3. This is due to missing or incorrect nonce validation when managing rooms. This makes it possible for unauthenticated attackers to create and delete rooms via a forged request...

4.3 CVSS | 6.5 AI score | 0.00112 EPSS
Exploits: 0 | References: 2

Cvelist
added 2024/05/09 8:3 p.m., 15 views

CVE-2024-4314 hostel <= 1.1.5.3 - Cross-Site Request Forgery

The Hostel plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5.3. This is due to missing or incorrect nonce validation when managing rooms. This makes it possible for unauthenticated attackers to create and delete rooms via a forged request...

4.3 CVSS | 5.6 AI score | 0.00112 EPSS
Exploits: 0 | References: 2

Patchstack
added 2024/05/06 12:0 a.m., 10 views

WordPress Hostel Plugin <= 1.1.5.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software: Hostel; Type: Plugin; Vulnerable versions: = 1.1.5.3; Fixed in: 1.1.5.4; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-4314; Patch priority: Low; CVSS severity: Low (4.3); Developer: Claim ownership; PSID: 5c8220b39532; Credits: Benedictus Jovan aillesiM...

4.3 CVSS | 6.6 AI score | 0.00112 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Circl
added 2024/01/29 1:11 p.m., 2 views

CVE-2019-4314

creationtimestamp | type | source
---|---|---
2024-01-29 13:11:28+00:00 | seen | https://t.me/ctinow/175214...

7.5 CVSS | 6.2 AI score | 0.00134 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2023/09/11 7:46 p.m., 10 views

CVE-2023-4314 wpDataTables < 2.1.66 - Admin+ PHP Object Injection

The wpDataTables WordPress plugin before 2.1.66 does not validate the "Serialized PHP array" input data before deserializing the data. This allows admins to deserialize arbitrary data which may lead to remote code execution if a suitable gadget chain is present on the server. This is impactful in...

7.5 AI score | 0.06706 EPSS
Exploits: 2 | References: 1

CVE
added 2023/09/11 7:46 p.m., 45 views

CVE-2023-4314

The wpDataTables WordPress plugin prior to version 2.1.66 fails to validate the input for the Serialized PHP array before deserialization, enabling an admin-assisted PHP object injection that may lead to remote code execution if a gadget chain exists. Affected software: wpDataTables

7.2 CVSS | 7.5 AI score | 0.06706 EPSS
Exploits: 2 | References: 1 | Affected Software: 1

F5 Networks
added 2023/02/21 7:58 p.m., 22 views

K15151: pyOpenSSL vulnerability CVE-2013-4314

Security Advisory Description: The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate...

4.3 CVSS | 8.8 AI score | 0.0025 EPSS
Exploits: 0

Circl
added 2023/01/18 6:21 p.m., 1 views

CVE-2021-4314

creationtimestamp | type | source
---|---|---
2023-01-18 18:21:11+00:00 | seen | https://t.me/cibsecurity/56674...

5.3 CVSS | 5.5 AI score | 0.0021 EPSS
Exploits: 0 | References: 1