71 matches found
CVE-2026-4318
A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formApLbConfig. This manipulation of the argument loadBalanceNameOld causes buffer overflow. The attack can be initiated remotely. The exploit has been publicly disclosed and m...
CVE-2026-4318
A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formApLbConfig. This manipulation of the argument loadBalanceNameOld causes buffer overflow. The attack can be initiated remotely. The exploit has been publicly disclosed and m...
CVE-2026-4318
creationtimestamp | type | source
---|---|---
2026-03-17 10:31:11+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/116244052137878986
2026-03-17 22:01:54+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbxxu7hht2s...
EUVD-2026-4318
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nft_chain_validate: watchdog: BUG: soft lockup - CPU1 stuck for 27s! iptables-nft-re:37547 .. RIP: 0010:nft_chain_validate+0xcb/0x1...
CVE-2023-4318
The Herd Effects WordPress plugin before 5.2.4 does not have CSRF protection when deleting its items, which could allow attackers to make logged-in admins delete arbitrary effects via a CSRF attack...
CVE-2018-4318
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...
CVE-2025-4318
creationtimestamp | type | source
---|---|---
2025-05-05 19:33:23+00:00 | seen | https://bsky.app/profile/nimblenerd.social/post/3loh4devnfc2t
2025-05-05 19:34:49+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114456899706505787
2025-05-05 20:16:43+00:00 | seen | ...
CVE-2025-4318
The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build...
CVE-2024-4318
The Tutor LMS plugin for WordPress is vulnerable to time-based SQL Injection via the ‘questionid’ parameter in versions up to, and including, 2.7.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2022-4318 affecting package cri-o for versions less than 1.22.3-1
CVE-2022-4318 affecting package cri-o for versions less than 1.22.3-1. A patched version of the package is available...
CVE-2024-4318 Tutor LMS <= 2.7.0 - Authenticated (Instructor+) SQL Injection
The Tutor LMS plugin for WordPress is vulnerable to time-based SQL Injection via the ‘questionid’ parameter in versions up to, and including, 2.7.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
WordPress Tutor LMS Plugin <= 2.7.0 is vulnerable to SQL Injection
Software: Tutor LMS; Type: Plugin; Vulnerable versions: <= 2.7.0; Fixed in: 2.7.1; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2024-4318; Patch priority: Low; CVSS severity: Low 7.6; PSID: 529631119255; Credits: Thanh Nam Tran; Required privilege: Instructor; Published: 1...
RHEL 8 / 9 : OpenShift Container Platform 4.12.6 (RHSA-2023:1033)
The remote Red Hat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1033 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...
RHEL 8 : OpenShift Container Platform 4.11.34 (RHSA-2023:1503)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1503 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...
CVE-2022-4318
A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable...
CVE-2022-4318
CVE-2022-4318 is confirmed in multiple records as a vulnerability in cri-o that enables tampering of /etc/passwd via a specially crafted environment variable, effectively a privilege escalation path. Affected scope includes cri-o deployments used by Red Hat OpenShift platforms (OpenShift 4.x line...
CVE-2022-4318 Cri-o: /etc/passwd tampering privesc
A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable...
CVE-2022-4318
A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable...
CVE-2022-4318 Cri-o: /etc/passwd tampering privesc
A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable...
CVE-2023-4318
The Herd Effects WordPress plugin before 5.2.4 does not have CSRF protection when deleting its items, which could allow attackers to make logged-in admins delete arbitrary effects via a CSRF attack...