ECHO-EBB3-4541-C7BC

Bulletin has no description...

CVE-2026-4541

creationtimestamp| type| source ---|---|--- 2026-03-22 10:14:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhncsankla2z...

DEBIAN-CVE-2026-4541

A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/cryptosigned25519tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is restricted to local...

CVE-2026-4541 janmojzis tinyssh Ed25519 Signature crypto_sign_ed25519_tinyssh.c signature verification

A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/cryptosigned25519tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is restricted to local...

CVE-2026-4541 janmojzis tinyssh Ed25519 Signature crypto_sign_ed25519_tinyssh.c signature verification

A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/cryptosigned25519tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is restricted to local...

CVE-2026-4541

A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/cryptosigned25519tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is restricted to local...

CVE-2026-4541

The CVE-2026-4541 entry concerns janmojzis tinyssh (up to 20250501) with a flaw in the Ed25519 Signature Handler—specifically in tinyssh/crypto_sign_ed25519_tinyssh.c. The issue is described as improper verification of a cryptographic signature in a local-execution scenario, with high attack comp...

MiracleLinux 4 : gimp-2.6.9-4.1.0.1.AXS4 (AXSA:2011-685:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-685:01 advisory. GIMP GNU Image Manipulation Program is a powerful image composition and editing program, which can be extremely useful for creating logos and other...

CVE-2025-4541

creationtimestamp| type| source ---|---|--- 2025-05-11 16:21:10+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lovucfk5x4b2 2025-05-11 16:27:48+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15929 2025-05-11...

CVE-2025-4541

A vulnerability classified as critical has been found in LmxCMS 1.41. Affected is the function manageZt of the file c\admin\ZtAction.class.php of the component POST Request Handler. The manipulation of the argument sortid leads to sql injection. It is possible to launch the attack remotely. The...

CVE-2025-4541 LmxCMS POST Request ZtAction.class.php manageZt sql injection

A vulnerability classified as critical has been found in LmxCMS 1.41. Affected is the function manageZt of the file c\admin\ZtAction.class.php of the component POST Request Handler. The manipulation of the argument sortid leads to sql injection. It is possible to launch the attack remotely. The...

CVE-2025-4541

CVE-2025-4541 affects LmxCMS 1.41. The vulnerability is in the function manageZt of the file c/admin/ZtAction.class.php within the POST Request Handler. Manipulation of the sortid argument enables SQL injection, with remote exploitation possible and a public exploit present. Multiple sources conf...

Linux Distros Unpatched Vulnerability : CVE-2016-4541

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The graphemestrpos function in ext/intl/grapheme/graphemestring.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cau...

Linux Distros Unpatched Vulnerability : CVE-2013-4541

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related t...

CVE-2022-4541

creationtimestamp| type| source ---|---|--- 2024-09-26 12:57:33+00:00| seen| https://t.me/cvedetector/6404...

WordPress nm-visitors Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software nm-visitors Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4541 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 95398650de42 Credits rezaduty Required privileg...

RHEL 9 : ghostscript (RHSA-2024:4541)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4541 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats ...

CVE-2024-4541 Custom Product List Table <= 3.0.0 - Cross-Site Request Forgery

The Custom Product List Table plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.0. This is due to missing or incorrect nonce validation when modifying products. This makes it possible for unauthenticated attackers to add, delete, bulk edit,...

CVE-2024-4541 Custom Product List Table <= 3.0.0 - Cross-Site Request Forgery

The Custom Product List Table plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.0. This is due to missing or incorrect nonce validation when modifying products. This makes it possible for unauthenticated attackers to add, delete, bulk edit,...

WordPress Custom Product List Table Plugin <= 3.0.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Custom Product List Table Type Plugin Vulnerable versions = 3.0.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4541 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 880a62dd6058 Credits Benedictus...