SUSE CVE-2026-4458

Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

CVE-2026-4458

An use after free flaw was found in the Extensions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=489619753...

CVE-2026-4458

creationtimestamp| type| source ---|---|--- 2026-03-20 07:22:07+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116260295615191694 2026-03-22 00:02:04+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhmakgu54z26 2026-03-24 01:00:00+00:00| seen|...

CVE-2026-4458

Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

Google Chrome < 146.0.7680.153 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 146.0.7680.153. It is, therefore, affected by multiple vulnerabilities as referenced in the 202603stable-channel-update-for-desktop18 advisory. - Use after free in Extensions in Google Chrome prior to 146.0.7680.153...

Linux Distros Unpatched Vulnerability : CVE-2026-4458

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convinced a user to install a malicious extension to potentially...

CVE-2026-4458

Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

RockyLinux 8 : .NET 10.0 (RLSA-2026:4458)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:4458 advisory. .net: .NET: Denial of Service via out-of-bounds read CVE-2026-26127 asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation...

CVE-2021-4458

creationtimestamp| type| source ---|---|--- 2026-03-12 21:02:32+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mgvcd32rie2h...

RHEL 8 : .NET 10.0 (RHSA-2026:4458)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4458 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

DLA-4458-1 python-django - security update

Bulletin has no description...

EUVD-2026-4458

ALGO 8180 IP Audio Alerter Ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw...

MiracleLinux 4 : glibc-2.12-1.149.AXS4 (AXSA:2014-607:06)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-607:06 advisory. Description : The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory...

CVE-2023-4458 vulnerabilities

Vulnerabilities for packages: linux-qemu-rc...

WordPress Modern Events Calendar Lite plugin <= 6.3.0 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by WordFence in WordPress Plugin Modern Events Calendar Lite versions = 6.3.0...

CVE-2021-4458

CVE-2021-4458 affects the WordPress plugin Modern Events Calendar Lite. A SQL Injection exists via the id parameter of the wp_ajax_mec_load_single_page AJAX action in versions up to 6.3.0 (some sources point to &lt;=6.3.0; PT-Security notes

CVE-2021-4458 Modern Events Calendar Lite <= 6.3.0 - Unauthenticated SQL Injection

The Modern Events Calendar Lite plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of the 'wpajaxmecloadsinglepage' AJAX action in all versions up to, and including, 6.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

CVE-2024-4458

The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in several widgets via URL parameters in all versions up to, and including, 2.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVE-2025-4458

creationtimestamp| type| source ---|---|--- 2025-05-09 04:25:00+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15669 2025-05-09 08:41:10+00:00| seen| https://t.me/cvedetector/24909...

CVE-2025-4458

A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /editupatient.php. The manipulation of the argument ID leads to sql injection. The attack can be launched...