73 matches found
CVE-2026-4591
creationtimestamp| type| source ---|---|--- 2026-03-23 15:59:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhqgj25bg42i...
EUVD-2026-4591
Not used...
Linux Distros Unpatched Vulnerability : CVE-2016-4591
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local...
CVE-2022-4591
A vulnerability was found in mschaef toto up to 1.4.20. It has been declared as problematic. This vulnerability affects unknown code of the component Email Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.21 is able ...
CVE-2025-4591
The Weluka Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'weluka-map' shortcode in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-4591 Weluka Lite <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Weluka Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'weluka-map' shortcode in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress Weluka Lite plugin <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Chuck in WordPress Plugin Weluka Lite versions = 1.0.3...
RHSA-2024:4591
creationtimestamp| type| source ---|---|--- 2025-01-13 09:11:16+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1356 2025-01-20 08:59:25+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2354 2025-04-07 01:44:19+00:00| published-proof-of-concept|...
openSUSE: Security Advisory for squashfs (SUSE-SU-2023:4591-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:4591-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Rocky Linux 8 : gcc-toolset-11-annobin (RLSA-2021:4591)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4591 advisory. - DISPUTED An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via...
CVE-2023-4591
creationtimestamp| type| source ---|---|--- 2023-11-03 15:23:18+00:00| seen| https://t.me/cibsecurity/73513...
CVE-2023-4591
A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...
CVE-2023-4591 Inclusion of Functionality from Untrusted Control Sphere in WPN-XM Serverstack
A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...
CVE-2023-4591 Inclusion of Functionality from Untrusted Control Sphere in WPN-XM Serverstack
A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...
CVE-2023-4591
CVE-2023-4591 affects WPN-XM Serverstack 0.8.6. A local file inclusion flaw in the /tools/webinterface/index.php?page parameter allows an unauthenticated user to load server PHP files, potentially enabling a webshell. The issue is rooted in LFI handling and is described across multiple sources as...
CVE-2018-4591
Rejected reason: This candidate is unused by its CNA...
PT-2023-4591 · D Link · D-Link Dar-8000-10
Name of the Vulnerable Software and Affected Versions: D-Link DAR-8000-10 up to 20230809 Description: A critical issue affects the file /app/sys1.php, where the manipulation of the cmd argument with the input id leads to os command injection. This can be initiated remotely. The exploit has been...
SUSE CVE-2005-4591
Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via "invalid input sequences" that lead to heap...
SUSE: Security Advisory (SUSE-SU-2022:4591-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...