OPENSUSE-SU-2026:20773-1 Security update for perl-Net-CIDR

This update for perl-Net-CIDR fixes the following issues: Changes in perl-Net-CIDR: - updated to 0.270.0 0.27 0.27 Sam Varshavchik cidrvalidate bug fix. - updated to 0.260.0 0.26 0.26 Sam Varshavchik cidrvalidate should accept IPv6 addresses with one uncompressed 0. - updated to 0.250.0 0.25 0.25...

CVE-2026-4456

Use after free in Digital Credentials API in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Ubuntu: Security Advisory (USN-8110-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AlmaLinux 9 : .NET 9.0 (ALSA-2026:4456)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4456 advisory. .net: .NET: Denial of Service via out-of-bounds read CVE-2026-26127 asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation...

MINI-Q7HW-4456-J7V3

Bulletin has no description...

CVE-2021-4456

Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact. The functions addr2cidr and cidrlookup may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users. In some cases an attacker ma...

Debian: Security Advisory (DLA-4456-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-4456-1 openjdk-17 - security update

Bulletin has no description...

EUVD-2026-4456

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

CVE-2022-4456

A vulnerability has been found in falling-fruit and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 15adb8e1ea1f1c3e3d152fc266071f621ef0c621. It is recommended to app...

CVE-2025-4456

A vulnerability classified as critical has been found in Project Worlds Car Rental Project 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to t...

CVE-2025-4456

creationtimestamp| type| source ---|---|--- 2025-05-09 03:26:04+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15660 2025-05-09 06:01:28+00:00| published-proof-of-concept| Telegram/NCNMmYwK9k2QA4BOyfDK5dLyUrZyUSDmQzFFIbgaIpVGMxI 2025-05-09 06:19:45+00:00| seen|...

CVE-2025-4456 Project Worlds Car Rental Project signup.php sql injection

A vulnerability classified as critical has been found in Project Worlds Car Rental Project 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to t...

CVE-2025-4456

CVE-2025-4456 affects Project Worlds Car Rental Project 1.0, where the vulnerability lies in an unknown function of the file /signup.php. Manipulating the fname parameter enables SQL injection and, per sources, can be exploited remotely with other parameters potentially affected. Public disclosur...

CVE-2025-4456 Project Worlds Car Rental Project signup.php sql injection

A vulnerability classified as critical has been found in Project Worlds Car Rental Project 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to t...

CVE-2024-4456

creationtimestamp| type| source ---|---|--- 2025-01-16 06:55:17+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1925...

CVE-2024-4456

In affected versions of Octopus Server with certain access levels it was possible to embed a Cross-Site Scripting payload on the audit page...

CVE-2024-4456

CVE-2024-4456 affects Octopus Server. The vulnerability enables embedding a Cross-Site Scripting payload on the audit page for certain access levels. The connected sources do not provide a concrete root cause; they consistently reference an XSS on the audit page in affected Octopus Server release...

Tenda W9 安全漏洞

Tenda W9 is a wireless in-wall access point from Tenda, China. A security vulnerability exists in Tenda W9 version 1.0.0.74456, which stems from an incorrect manipulation of the parameter ssidIndex that can lead to a stack-based buffer overflow. No detailed vulnerability details are provided at...

CVE-2023-51099

Tenda W9 firmware version 1.0.0.7(4456) CN contains a command injection in the formexeCommand function. The issue stems from lack of neutralization of special elements in formexeCommand, potentially allowing a remote attacker to execute arbitrary code. The PT-security entry notes a temporary work...