
174 matches found

EUVD
added 2026/01/23 2:28 p.m., 2 views

EUVD-2026-4378

Missing Authorization vulnerability in Horea Radu Materialis Companion materialis-companion allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Materialis Companion: from n/a through = 1.3.52...

AI score 5.4 | EPSS 0.00048
Exploits: 0 | References: 2
Tenable Nessus
added 2026/01/20 12:0 a.m., 2 views

MiracleLinux 9 : kernel-5.14.0-162.18.1.el9_1 (AXSA:2023-5196:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5196:07 advisory. kernel: use-after-free caused by l2cap_reassemble_sdu in net/bluetooth/l2cap_core.c CVE-2022-3564 kernel: stack overflow in do_proc_dointvec and...

CVSS 7.8 | AI score 6.9 | EPSS 0.00576
Exploits: 5 | References: 6
Tenable Nessus
added 2026/01/20 12:0 a.m., 2 views

MiracleLinux 7 : kernel-3.10.0-1160.88.1.el7 (AXSA:2023-5218:08)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5218:08 advisory. kernel: stack overflow in do_proc_dointvec and proc_skip_spaces CVE-2022-4378 kernel: use-after-free related to leaf anon_vma double reuse CVE-2022-42703...

CVSS 7.8 | AI score 6.6 | EPSS 0.0088
Exploits: 3 | References: 3
Tenable Nessus
added 2026/01/16 12:0 a.m., 2 views

MiracleLinux 7 : firefox-68.2.0-1.0.1.el7.AXS7 (AXSA:2019-4378:06)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-4378:06 advisory. Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 CVE-2019-11764 Mozilla: Use-after-free when creating index updates in IndexedDB...

CVSS 8.8 | AI score 7.9 | EPSS 0.0213
Exploits: 2 | References: 9
Tenable Nessus
added 2025/08/27 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-4378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all version...

CVSS 5.5 | AI score 5.1 | EPSS 0.00145
Exploits: 0 | References: 2
ATTACKERKB
added 2025/06/24 5:15 p.m., 3 views

CVE-2025-4378

Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in Ataturk University ATA-AOF Mobile Application allows Authentication Abuse, Authentication Bypass. This issue affects ATA-AOF Mobile Application: before 20.06.2025...

CVSS 10 | AI score 5.4 | EPSS 0.00165
Exploits: 0 | References: 3
Circl
added 2025/06/24 4:47 p.m., 7 views

CVE-2025-4378

creationtimestamp| type| source
---|---|---
2025-06-24 16:47:33+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19376
2025-06-24 20:34:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsex2vgzmz2k
...

CVSS 10 | AI score 4.8 | EPSS 0.00165
Exploits: 0 | References: 2
RedhatCVE
added 2025/05/22 3:23 a.m., 5 views

CVE-2013-4378

Cross-site scripting (XSS) vulnerability in HtmlSessionInformationsReport.java in JavaMelody 1.46 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted X-Forwarded-For header...

CVSS 4.3 | AI score 5.8 | EPSS 0.00545
Exploits: 1 | References: 1
Tenable Nessus
added 2024/07/08 12:0 a.m., 12 views

Oracle Linux 9 : podman (ELSA-2024-4378)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4378 advisory. - rebuild for CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

CVSS 7.5 | AI score 8.1 | EPSS 0.01379
Exploits: 0 | References: 2
Vulnrichment
added 2024/05/23 11:2 a.m., 10 views

CVE-2024-4378 Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Menu and Shape Divider

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's menu and shape widgets in all versions up to, and including, 4.10.30 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

CVSS 6.4 | AI score 5.8 | EPSS 0.00233
Exploits: 0 | References: 4
Patchstack
added 2024/05/23 12:0 a.m., 11 views

WordPress Premium Addons for Elementor Plugin <= 4.10.31 is vulnerable to Cross Site Scripting (XSS)

Software: Premium Addons for Elementor; Type: Plugin; Vulnerable versions: = 4.10.31; Fixed in: 4.10.32; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-4378; Patch priority: Low; CVSS severity: Low (6.5); Developer: LeapWorx; PSID: a518161b61c6; Credits: stealthcopter...

CVSS 6.4 | AI score 5.8 | EPSS 0.00233
Exploits: 0 | References: 3 | Affected Software: 1
Tenable Nessus
added 2024/05/17 12:0 a.m., 31 views

GitLab 11.8 < 16.1.5 / 16.2 < 16.2.5 / 16.3 < 16.3.1 (CVE-2023-4378)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A...

CVSS 5.5 | AI score 5.2 | EPSS 0.00145
Exploits: 0 | References: 4
OpenVAS
added 2024/03/04 12:0 a.m., 35 views

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:4378-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10 | AI score 7.9 | EPSS 0.08105
Exploits: 2 | References: 2
Circl
added 2023/09/01 2:13 p.m., 2 views

CVE-2023-4378

creationtimestamp| type| source
---|---|---
2023-09-01 14:13:47+00:00| seen| https://t.me/cibsecurity/69621
2025-05-23 04:46:53+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17370
...

CVSS 5.5 | AI score 4.8 | EPSS 0.00145
Exploits: 0 | References: 2
OSV
added 2023/09/01 11:15 a.m., 1 views

UBUNTU-CVE-2023-4378

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry token by changing the...

CVSS 5.5 | AI score 5.8 | EPSS 0.00145
Exploits: 0 | References: 4
Cvelist
added 2023/09/01 10:30 a.m., 20 views

CVE-2023-4378 Insertion of Sensitive Information Into Sent Data in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry token by changing the...

CVSS 5.5 | AI score 5.8 | EPSS 0.00145
Exploits: 0 | References: 2
CVE
added 2023/09/01 10:30 a.m., 84 views

CVE-2023-4378

GitLab CVE-2023-4378 affects GitLab CE/EE versions: 11.8–16.1.4, 16.2.0–16.2.4, and 16.3.0–16.3.0 (i.e., before 16.1.5, 16.2.5, and 16.3.1 respectively). The issue enables a Maintainer to leak the Sentry token by altering the Sentry error-tracking URL, stemming from an incomplete fix for CVE-2022...

CVSS 5.5 | AI score 4.8 | EPSS 0.00145
Exploits: 0 | References: 2 | Affected Software: 1
Vulnrichment
added 2023/09/01 10:30 a.m., 22 views

CVE-2023-4378 Insertion of Sensitive Information Into Sent Data in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry token by changing the...

CVSS 5.5 | AI score 4.6 | EPSS 0.00145
Exploits: 0 | References: 2
OSV
added 2023/09/01 10:30 a.m., 12 views

CVE-2023-4378 Insertion of Sensitive Information Into Sent Data in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry token by changing the...

CVSS 5.5 | AI score 5 | EPSS 0.00145
Exploits: 0 | References: 5
Tenable Nessus
added 2023/08/15 12:0 a.m., 48 views

Oracle Linux 6 : kernel (ELSA-2023-1822)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-1822 advisory. - proc: proc_skip_spaces shouldn't think it is working on C strings Linus Torvalds CVE-2022-4378 Orabug: 35304147 Tenable has extracted the preceding description...

CVSS 7.8 | AI score 6.8 | EPSS 0.00032
Exploits: 0 | References: 2