MINI-9G2F-4567-W3F9

Bulletin has no description...

CVE-2026-4567

creationtimestamp| type| source ---|---|--- 2026-03-22 09:05:07+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116272025234810629 2026-03-23 03:00:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mhp2yfkb7o2m 2026-03-23 05:00:15+00:00| seen|...

PT-2026-27016

Name of the Vulnerable Software and Affected Versions Tenda A15 version 15.13.07.13 Description A stack-based buffer overflow exists in the UploadCfg function of the /cgi-bin/UploadCfg file. The issue is triggered by manipulating the File argument. This allows for remote exploitation. The exploit...

GO-2026-4567 Vitess users can gain unauthorized access to production deployment environments in vitess.io/vitess

Vitess users with backup storage access can gain unauthorized access to production deployment environments in vitess.io/vitess...

EUVD-2026-4567

The ZT Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.4. This is due to improper nonce validation on the saveztcptcaptchasettings action where the nonce check can be bypassed by sending an empty token value. This makes it possibl...

MiracleLinux 3 : kernel-2.6.18-128.14.AXS3 (AXSA:2010-141:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-141:01 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

CVE-2018-25126

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware used by many white-labeled DVR/NVR/IPC products contains hardcoded API credentials and an OS command injection flaw in its configuration services. The web/API interface accepts HTTP/XML requests authenticated with a fixed vendor...

EUVD-2025-199000

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware used by many white-labeled DVR/NVR/IPC products contains hardcoded API credentials and an OS command injection flaw in its configuration services. The web/API interface accepts HTTP/XML requests authenticated with a fixed vendor...

CVE-2018-25126 TVT NVMS-9000 Hard-coded API Credentials & Command Injection

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware used by many white-labeled DVR/NVR/IPC products contains hardcoded API credentials and an OS command injection flaw in its configuration services. The web/API interface accepts HTTP/XML requests authenticated with a fixed vendor...

CVE-2018-25126

CVE-2018-25126 affects Shenzhen TVT NVMS-9000 firmware, used in many white-labeled DVR/NVR/IPC products. The issue arises from hardcoded API credentials and an OS command injection flaw in the configuration services: the web/API interface accepts HTTP/XML requests authenticated with a fixed vendo...

PT-2025-47576

🎯 Real scan results: 11 subdomains → 4m 35s ✅ Found nginx/1.18.0 🔴 Detected CVE-2021-4567 HIGH 🤖 AI provided patch + remediation All automatic. All local. All free. This is recon in 2025 👀 bugbountytips cve appsec...

EUVD-2012-2592

Malware in sbrugna...

CVE-2023-4567

creationtimestamp| type| source ---|---|--- 2025-09-25 15:28:03+00:00| seen| https://gist.github.com/Darkcrai86/ff45598f5231f7dc8bb2b82a0bfda311 2026-03-19 16:04:13+00:00| seen| https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3mhgevduv5li2 2026-03-22 11:02:33+00:00| seen|...

CVE-2022-4567

Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2...

RHEL 8 / 9 : java-11-openjdk (RHSA-2024:4567)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4567 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security...

Oracle Linux 8 / 9 : java-11-openjdk (ELSA-2024-4567)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4567 advisory. 11.0.24.0.8-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:11.0.24.0.8-1 - Update to jdk-11.0.24+8 GA - Update release notes to 11.0.24+8 -...

CGA-4567-4GPR-VGCP

Bulletin has no description...

CVE-2024-4567 Themify Shortcodes <= 2.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via themify_button Shortcode

The Themify Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's themifybutton shortcode in all versions up to, and including, 2.0.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-4567 Themify Shortcodes <= 2.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via themify_button Shortcode

The Themify Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's themifybutton shortcode in all versions up to, and including, 2.0.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress Themify Shortcodes Plugin <= 2.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Themify Shortcodes Type Plugin Vulnerable versions = 2.0.9 Fixed in 2.1.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4567 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1f47e36fe951 Credits Francesco Carlucci...