165 matches found
CVE-2026-4575
creationtimestamp| type| source ---|---|--- 2026-03-23 12:28:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhq2pzbq3k2n...
CVE-2026-4575
The CVE-2026-4575 entry concerns code-projects Exam Form Submission 1.0, where the argument sname in /admin/update_s2.php can be manipulated to trigger cross-site scripting. The flaw can be exploited remotely, and an exploit has been published and may be used. The available documents specify the ...
CVE-2026-4575 code-projects Exam Form Submission update_s2.php cross site scripting
A flaw has been found in code-projects Exam Form Submission 1.0. This issue affects some unknown processing of the file /admin/updates2.php. This manipulation of the argument sname causes cross site scripting. The attack can be initiated remotely. The exploit has been published and may be used...
MINI-2JWQ-QJWF-4575
Bulletin has no description...
EUVD-2026-4575
The Wizit Gateway for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Order Cancellation in all versions up to, and including, 1.2.9. This is due to a lack of authentication and authorization checks in the 'handlecheckoutredirecturlresponse' function. This makes it...
GHSA-4575-FH42-7848
creationtimestamp| type| source ---|---|--- 2025-11-04 23:39:54+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115494066188195772...
TencentOS Server 3: thunderbird (TSSA-2023:0185)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0185 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 2: thunderbird (TSSA-2023:0163)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0163 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
K000151542: OpenSSL vulnerability CVE-2025-4575
Security Advisory Description Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as truste...
CVE-2024-4575
creationtimestamp| type| source ---|---|--- 2025-05-24 07:26:20+00:00| seen| https://bsky.app/profile/omo.bsky.social/post/3lpvmkpisu22w...
CVE-2022-4575
A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models could allow an attacker with physical or local access and elevated privileges the ability to bypass Secure Boot...
OpenSSL x509 Vulnerability (20250522) - Windows
OpenSSL is prone to a vulnerability in the x509 application. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl";...
OpenSSL x509 Vulnerability (20250522) - Linux
OpenSSL is prone to a vulnerability in the x509 application. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl";...
CVE-2025-4575
Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...
CVE-2025-4575 The x509 application adds trusted use instead of rejected use
Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...
CVE-2025-4575
Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...
CVE-2025-4575
Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...
CVE-2025-4575
Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...
OpenSSL 3.5.0 < 3.5.1 Vulnerability
The version of OpenSSL installed on the remote host is prior to 3.5.1. It is, therefore, affected by a vulnerability as referenced in the 3.5.1 advisory. - Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate...
CVE-2024-4575 LayerSlider 7.11.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via ls_search_form Shortcode
The LayerSlider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lssearchform shortcode in version 7.11.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...