MINI-4388-V598-299W

Bulletin has no description...

CVE-2026-4388

creationtimestamp| type| source ---|---|--- 2026-04-14 04:44:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjgl2haur22z 2026-04-14 05:17:21+00:00| seen| Telegram/VN5qpdZvC1XQa0kocwrxs34zDP5KgO9HhvqtOghSHVfgqA...

MINI-76WR-4388-759F

Bulletin has no description...

CVE-2018-4388

A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.1...

CVE-2008-4388

The LaunchObj ActiveX control before 5.2.2.865 in launcher.dll in Symantec AppStream Client 5.2.x before 5.2.2 SP3 MP1 does not properly validate downloaded files, which allows remote attackers to execute arbitrary code via the installAppMgr method and unspecified other methods...

CVE-2025-4388

Liferay Portal/DXP CVE-2025-4388 is a reflected XSS affecting Portal 7.4.0–7.4.3.131 and DXP 2024.Q1.1–Q4.5 across multiple 2024 releases up to 7.4 GA with update 92. The vulnerability allows a remote, unauthenticated attacker to inject JavaScript into the modules/apps/marketplace/marketplace-app...

CVE-2025-4388

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.5, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12, 7.4 GA through update 92 allows an remote non-authenticated...

CVE-2024-4388

This does not validate a path generated with user input when downloading files, allowing unauthenticated user to download arbitrary files from the server...

CVE-2024-4388 CAS <= 1.0.0 - Unauthenticated Arbitrary File Access

This does not validate a path generated with user input when downloading files, allowing unauthenticated user to download arbitrary files from the server...

CVE-2024-4388 CAS <= 1.0.0 - Unauthenticated Arbitrary File Access

This does not validate a path generated with user input when downloading files, allowing unauthenticated user to download arbitrary files from the server...

CVE-2024-4388

CVE-2024-4388 affects the WordPress CAS plugin (versions &lt;= 1.0.0). The vulnerability arises from a failure to validate a user-supplied path when downloading files, enabling an unauthenticated attacker to download arbitrary server files via endpoints like download.php?path=.... Several connect...

CVE-2021-4388

creationtimestamp| type| source ---|---|--- 2023-12-11 01:11:52+00:00| seen| https://t.me/arpsyndicate/1684...

SUSE: Security Advisory (SUSE-SU-2023:4388-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-4388

creationtimestamp| type| source ---|---|--- 2023-10-17 00:32:22+00:00| seen| https://t.me/cibsecurity/72354...

CVE-2023-4388

CVE-2023-4388 (EventON WordPress plugin) affects WordPress EventON versions prior to 2.2. The vulnerability arises from insufficient sanitization/escaping of certain settings, enabling stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (e.g., multisite). The...

CVE-2023-4388 EventON < 2.2 - Admin+ Stored XSS

The EventON WordPress plugin before 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2021-4388

The CVE-2021-4388 entry concerns the Opal Estate plugin for WordPress, vulnerable up to version 1.6.11 due to missing capability checks in opalestate_set_feature_property() and opalestate_remove_feature_property(). This flaw allows unauthenticated attackers to set or remove featured properties. T...

SUSE CVE-2013-4388

Buffer overflow in the mp4a packetizer modules/packetizer/mpeg4audio.c in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors...

Mageia: Security Advisory (MGASA-2014-0296)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:1210-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...