Debian: Security Advisory (DLA-4381-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-4381

creationtimestamp| type| source ---|---|--- 2025-07-02 09:33:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsxvum32wr2a...

CVE-2025-4381

The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the ‘$id’ variable of the getSpace function in all versions up to, and including, 4.89 due to insufficient escaping on the user supplied parameter and lack of sufficient...

CVE-2022-4381

The Popup Maker WordPress plugin before 1.16.9 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

CVE-2018-4381

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in tvOS 12.1, iOS 12.1. Processing a maliciously crafted message may lead to a denial of service...

CVE-2021-4381

The uListing plugin for WordPress is vulnerable to authorization bypass via wproute due to missing capability checks, and a missing security nonce, in the StmListingSingleLayout::importnewlayout method in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers t...

WordPress CB (legacy) Plugin <= 0.9.4.18 is vulnerable to Cross Site Scripting (XSS)

Software CB legacy Type Plugin Vulnerable versions = 0.9.4.18 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4381 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 4e6302b904fc Credits Bob Matyas Required privilege...

CVE-2022-4381

creationtimestamp| type| source ---|---|--- 2023-11-09 19:00:04+00:00| seen| https://t.me/arpsyndicate/36...

SUSE: Security Advisory (SUSE-SU-2023:4381-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-4381

creationtimestamp| type| source ---|---|--- 2023-08-16 16:50:27+00:00| seen| https://t.me/cibsecurity/68638...

CVE-2023-4381

Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

CVE-2023-4381 Unverified Password Change in instantsoft/icms2

Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

CVE-2023-4381 Unverified Password Change in instantsoft/icms2

Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

CVE-2023-4381

CVE-2023-4381 affects the instantsoft/icms2 CMS prior to version 2.16.1-git. The root cause is an unverified password change, enabling an attacker to change a user’s password without proper verification. Impact is described as minimal in the CVSS data, but the issue enables unauthorized password ...

RHEL 8 : openssh (RHSA-2023:4381)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4381 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary f...

CVE-2021-4381

The uListing plugin for WordPress is vulnerable to authorization bypass via wproute due to missing capability checks, and a missing security nonce, in the StmListingSingleLayout::importnewlayout method in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers t...

CVE-2021-4381

The uListing plugin for WordPress is vulnerable to authorization bypass via wproute due to missing capability checks, and a missing security nonce, in the StmListingSingleLayout::importnewlayout method in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers t...

CVE-2021-4381

CVE-2021-4381 affects the WordPress uListing plugin (versions up to and including 1.6.6). The root cause is missing capability checks and a missing security nonce in StmListingSingleLayout::import_new_layout, enabling unauthenticated attackers to bypass authorization and modify WordPress options ...

CVE-2021-4381 uListing <= 1.6.6 - Unauthenticated Options Changes via wp_route

The uListing plugin for WordPress is vulnerable to authorization bypass via wproute due to missing capability checks, and a missing security nonce, in the StmListingSingleLayout::importnewlayout method in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers t...

RHEL 8 : openstack-selinux (RHSA-2020:4381)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:4381 advisory. The openstack-selinux package is a collection of SELinux policies for running OpenStack on Red Hat Enterprise Linux. Security Fixes: policy flaw allo...