71 matches found
RockyLinux 10 : libvpx (RLSA-2026:4629)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:4629 advisory. libvpx: Heap buffer overflow in libvpx (CVE-2026-2447). Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note...
CVE-2022-4629
The Product Slider for WooCommerce WordPress plugin before 2.6.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used...
CVE-2013-4629
The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception method...
Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.10 security update on RHEL 9
New Red Hat Single Sign-On 7.6.10 packages are now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.10 security update on RHEL 8
New Red Hat Single Sign-On 7.6.10 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.10 security update on RHEL 7
New Red Hat Single Sign-On 7.6.10 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
RHEL 9 : Red Hat Single Sign-On 7.6.10 security update on RHEL 9 (Moderate) (RHSA-2024:6495)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6495 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...
RHEL 7 : Red Hat Single Sign-On 7.6.10 security update on RHEL 7 (Moderate) (RHSA-2024:6493)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6493 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...
CVE-2024-4629
creationtimestamp | type | source
---|---|---
2024-09-03 23:19:55+00:00 | seen | https://t.me/cvedetector/4721...
CVE-2023-4629
creationtimestamp | type | source
---|---|---
2024-03-12 11:31:33+00:00 | seen | https://t.me/ctinow/205541
2024-03-12 11:36:28+00:00 | seen | https://t.me/ctinow/205548...
CVE-2023-4629
CVE-2023-4629 affects the LadiApp WordPress plugin (up to v4.3) and is due to a missing nonce check in save_config(), enabling CSRF. This allows unauthenticated attackers to update the ladipage_config option by tricking an administrator into performing an action (e.g., clicking a forged link). Im...
Rocky Linux 8 : libvpx (RLSA-2020:4629)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4629 advisory. - In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote cod...
CVE-2022-4629
The Product Slider for WooCommerce WordPress plugin before 2.6.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used...
CVE-2022-4629
The CVE‑2022‑4629 entry concerns the WordPress plugin Product Slider for WooCommerce (versions prior to 2.6.4). The vulnerability arises from failure to validate and escape certain shortcode attributes, allowing a user with as little as a contributor role to trigger a stored XSS, potentially impa...
CVE-2022-4629 Product Slider for WooCommerce < 2.6.4 - Contributor+ Stored XSS in Shortcode
The Product Slider for WooCommerce WordPress plugin before 2.6.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used...
SUSE: Security Advisory (SUSE-SU-2022:4629-1)
The remote host is missing an update for the...
WordPress Product Slider for WooCommerce Plugin < 2.6.4 is vulnerable to Cross Site Scripting (XSS)
Software: Product Slider for WooCommerce; Type: Plugin; Vulnerable versions: < 2.6.4; Fixed in: 2.6.4; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2022-4629; Patch priority: Medium; CVSS severity: Medium (6.5); PSID: 97b9b3d3fb3c; Credits: Istvá...
AlmaLinux 8 : libvpx (ALSA-2020:4629)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4629 advisory. - In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code...
Security Bulletin: Security vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology
Summary: Multiple security vulnerabilities affect components used by the following products that may affect those products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics Predictive Insights (CVE-2020-4629)
Summary: Websphere Application Server (WAS) is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server vulnerability CVE-2020-4629 through exploiting access to FFDC logs file on the server has been published in a security bulletin...