Debian: Security Advisory (DLA-4481-1)
The remote host is missing an update for the Debian...
MiracleLinux 4 : ruby-1.8.7.352-10.AXS4 (AXSA:2013-281:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-281:01 advisory. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do syste...
CVE-2022-4481
The Mesmerize Companion WordPress plugin before 1.6.135 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
CVE-2025-4481
creationtimestamp | type | source
---|---|---
2025-05-09 17:25:48+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/15785
2025-05-09 18:13:41+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loqzm767aod2
2025-05-09...
CVE-2025-4481
The CVE-2025-4481 entry concerns SourceCodester Apartment Visitor Management System 1.0. A vulnerability exists in the file /search-result.php where the manipulation of the searchdata parameter leads to SQL injection. A remote attacker could exploit this, and multiple sources label the issue as c...
CVE-2025-4481 SourceCodester Apartment Visitor Management System search-result.php sql injection
A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely...
CVE-2024-4481
CVE-2024-4481 affects Gutenberg Blocks with AI by Kadence WP (WordPress). The Kadence Blocks WordPress plugin vulnerability allows Stored XSS via the link attribute in blocks across all versions up to 3.2.36. An attacker requires at least contributor-level authentication to inject scripts into pages...
CVE-2024-4481 Gutenberg Blocks with AI by Kadence WP <= 3.2.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Link
The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute of the plugin's blocks in all versions up to, and including, 3.2.36 due to insufficient input sanitization and output escaping on user supplied attributes. This...
WordPress Gutenberg Blocks by Kadence Blocks Plugin <= 3.2.36 is vulnerable to Cross Site Scripting (XSS)
Software: Gutenberg Blocks by Kadence Blocks; Type: Plugin; Vulnerable versions: <= 3.2.36; Fixed in: 3.2.37; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-4481; Patch priority: Low; CVSS severity: Low (6.5); Developer: KadenceWP; PSID: d82d46e2deff; Credits: Ngô Thiên...
CVE-2023-4481 Junos OS and Junos OS Evolved: A crafted BGP UPDATE message allows a remote attacker to de-peer (reset) BGP sessions (CVE-2023-4481)
An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When certain specific crafted BGP UPDATE messages are received over an established BG...
CVE-2023-4481
CVE-2023-4481 describes an improper input validation in Juniper’s Routing Protocol Daemon (rpd) for Junos OS and Junos OS Evolved. A remote, unauthenticated attacker can cause a DoS by sending crafted BGP UPDATE messages over an existing BGP session; the impact can be sustained as updates are pro...
CVE-2022-4481
creationtimestamp | type | source
---|---|---
2023-01-16 18:24:27+00:00 | seen | https://t.me/cibsecurity/56551
2025-04-07 17:45:31+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/10744...
CVE-2022-4481 Mesmerize Companion < 1.6.135 - Contributor+ Stored XSS
The Mesmerize Companion WordPress plugin before 1.6.135 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
CVE-2022-4481
The CVE-2022-4481 entry affects the Mesmerize Companion WordPress plugin prior to version 1.6.135. The vulnerability arises because the plugin does not validate and escape certain shortcode attributes before output, enabling Stored XSS. Impact can allow users with as low as Contributor privileges...
SUSE: Security Advisory (SUSE-SU-2022:4481-1)
The remote host is missing an update for the...
RHEL 8 : bluez (RHSA-2020:4481)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4481 advisory. The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start script...
Ubuntu 18.04 LTS / 20.04 LTS : FreeRDP vulnerabilities (USN-4481-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4481-1 advisory. It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to cras...
CVE-2020-4481
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 181848...
CVE-2020-4481
IBM UrbanCode Deploy (UCD) versions affected: 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0. Description: vulnerable to an XML External Entity (XXE) attack when processing XML data, allowing a remote attacker to expose sensitive information or consume memory resources. Root cause: XXE processing in UCD'...