MINI-PJJ9-4477-3HQ9

Bulletin has no description...

MINI-4477-934Q-RF24

Bulletin has no description...

EUVD-2026-4477

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

CGA-3V73-4477-PQ6W

Bulletin has no description...

CVE-2012-4477

Unspecified vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to bypass access restrictions via unknown attack vectors...

CVE-2025-4477

creationtimestamp| type| source ---|---|--- 2025-05-19 06:38:56+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16811...

CVE-2025-4477

CVE-2025-4477 concerns ThreatSonar Anti-Ransomware (TeamT5). Affected component is the API authorization/privilege management, where improper handling of specific API privileges allows remote attackers with intermediate privileges to escalate to administrator level via a particular API. Related e...

CGA-577M-4477-JMV4

Bulletin has no description...

Linux Distros Unpatched Vulnerability : CVE-2016-4477

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wpasupplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and...

RHEL 6 : openstack-keystone (RHSA-2014:0113)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0113 advisory. The openstack-keystone packages provide keystone, a Python implementation of the OpenStack Identity service API, which provides Identity, Token,...

CVE-2024-4477 WP Logs Book <= 1.0.1 - Unauthenticated Stored XSS

The WP Logs Book WordPress plugin through 1.0.1 does not sanitise and escape some of its log data before outputting them back in an admin dashboard, leading to an Unauthenticated Stored Cross-Site Scripting...

CVE-2024-4477 WP Logs Book <= 1.0.1 - Unauthenticated Stored XSS

The WP Logs Book WordPress plugin through 1.0.1 does not sanitise and escape some of its log data before outputting them back in an admin dashboard, leading to an Unauthenticated Stored Cross-Site Scripting...

WordPress WP Logs Book Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Logs Book Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4477 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 68e2026bab3a Credits Bob Matyas Required...

RHEL 7 : wpa_supplicant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wpasupplicant: local configuration update allows privilege escalation CVE-2016-4477 - hostapd 0.6.7 throu...

RHEL 6 : wpa_supplicant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wpasupplicant: P2P group information processing vulnerability CVE-2021-0326 - wpasupplicant: EAP-pwd...

CVE-2018-4477

Rejected reason: This candidate is unused by its CNA...

Debian: Security Advisory (DLA-473-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-4477

The Smash Balloon Social Post Feed WordPress plugin before 4.1.6 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in...

CVE-2022-4477

The CVE-2022-4477 entry concerns the WordPress plugin Smash Balloon Social Post Feed (before 4.1.6). The vulnerability is a Stored Cross-Site Scripting (XSS) flaw caused by incomplete validation/escaping of shortcode attributes, allowing a low-privilege user (contributor) to inject scripts that a...

CVE-2022-4477 Smash Balloon Social Post Feed < 4.1.6 - Contributor+ Stored XSS

The Smash Balloon Social Post Feed WordPress plugin before 4.1.6 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in...