CVE-2018-4383

A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

Debian dla-4383 : rails - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4383 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4383-1 [email protected]...

CVE-2025-4383

Improper Restriction of Excessive Authentication Attempts vulnerability in Art-in Bilişim Teknolojileri ve Yazılım Hizm. Tic. Ltd. Şti. Wi-Fi Cloud Hotspot allows Authentication Abuse, Authentication Bypass. This issue affects Wi-Fi Cloud Hotspot: before 30.05.2025...

CVE-2025-4383 Authentication Bypass in Art-In Systems' Wi-Fi Cloud Hotspot

Improper Restriction of Excessive Authentication Attempts vulnerability in Art-in Bilişim Teknolojileri ve Yazılım Hizm. Tic. Ltd. Şti. Wi-Fi Cloud Hotspot allows Authentication Abuse, Authentication Bypass. This issue affects Wi-Fi Cloud Hotspot: before 30.05.2025...

CVE-2022-4383

The CBX Petition for WordPress plugin through 1.0.3 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

CVE-2021-4383

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to page content injection in versions up to, and including, 5.5. This is due to missing capability checks in the plugin's page-editing functionality. This makes it possible for low-authenticated attackers, such as subscribers, to...

CVE-2024-4383

creationtimestamp| type| source ---|---|--- 2025-02-06 02:44:19+00:00| seen| Telegram/3SuBAgb-33WixANoVU0GZutx8LPqNNFgMKha3xFulSI52rP...

CGA-4383-55RH-R65M

Bulletin has no description...

CGA-4383-JMP4-2H28

Bulletin has no description...

CVE-2024-4383

The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'swpmpaypalsubscriptioncancellink' shortcode in all versions up to, and including, 4.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-4383

CVE-2024-4383 affects the WordPress plugin Simple Membership. The vulnerability is a Stored Cross-Site Scripting via the plugin’s swpm_paypal_subscription_cancel_link shortcode in all versions up to and including 4.4.5, caused by insufficient input sanitization and output escaping on user-supplie...

CVE-2024-4383 Simple Membership <= 4.4.5 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode

The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'swpmpaypalsubscriptioncancellink' shortcode in all versions up to, and including, 4.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

WordPress Simple Membership Plugin <= 4.4.5 is vulnerable to Cross Site Scripting (XSS)

Software Simple Membership Type Plugin Vulnerable versions = 4.4.5 Fixed in 4.4.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4383 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 39626d5eed25 Credits wesley wcraft Required...

CVE-2023-4383

creationtimestamp| type| source ---|---|--- 2023-08-17 00:36:42+00:00| seen| https://t.me/cibsecurity/68689...

CVE-2023-4383 MicroWorld eScan Anti-Virus runasroot incorrect execution-assigned permissions

A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been...

CVE-2023-4383

CVE-2023-4383 affects MicroWorld eScan Anti-Virus 7.0.32 on Linux. The root cause is an improperly assigned privilege in the file runasroot, causing incorrect execution permissions. It is a local vulnerability (attack vector: LOCAL) with low attack complexity and requires low privileges, no user ...

RHEL 8 : openssh (RHSA-2023:4383)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4383 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary f...

CVE-2021-4383 WP Quick FrontEnd Editor <= 5.5 - Authenticated (Subscriber+) Content Injection

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to page content injection in versions up to, and including, 5.5. This is due to missing capability checks in the plugin's page-editing functionality. This makes it possible for low-authenticated attackers, such as subscribers, to...

CVE-2021-4383

CVE-2021-4383 affects the WP Quick FrontEnd Editor plugin for WordPress. Technical details in the connected documents show a vulnerability in page-editing due to missing capability checks, making it possible for low-authenticated users (e.g., subscribers) to edit or create any page or post on sit...

CVE-2022-4383

creationtimestamp| type| source ---|---|--- 2023-01-23 18:24:59+00:00| seen| https://t.me/cibsecurity/56833...