
68 matches found

Wolfi
added 2026/04/15 1:48 p.m. | 4 views

CVE-2026-4634 vulnerabilities

Vulnerabilities for packages: keycloak...

CVSS 7.5 | AI score 5.8 | EPSS 0.00024
Exploits 0

Circl
added 2026/04/02 2:45 p.m. | 0 views

CVE-2026-4634

creationtimestamp | type | source
---|---|---
2026-04-02 14:45:20+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mijgzxjx4y2s
2026-04-02 15:20:57+00:00 | seen | Telegram/1FZmwvj65iY9NiI7VGWCBujhZKTilfhPPvdqi0EqVANQnis
2026-04-17 02:07:07+00:00 | seen | ...

CVSS 7.5 | AI score 4.8 | EPSS 0.00024
Exploits 0 | References 2

RedHat Linux
added 2026/04/02 1:55 p.m. | 4 views

Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.2.15 Images Update

New images are available for Red Hat build of Keycloak 26.2.15 and Red Hat build of Keycloak 26.2.15 Operator, running on OpenShift Container Platform. Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Ha...

CVSS 8.1 | AI score 5.9 | EPSS 0.0004
Exploits 1 | References 1

OSV
added 2026/03/08 1:30 p.m. | 1 view

MINI-4634-9652-Q8WP

Bulletin has no description...

AI score 5.7
Exploits 0

OSV
added 2025/12/01 4:46 p.m. | 1 view

MINI-CCW5-4634-6GQQ

Bulletin has no description...

CVSS 8.8 | AI score 6.9 | EPSS 0.00067
Exploits 0

NVD
added 2025/05/30 9:15 a.m. | 11 views

CVE-2025-4634

The web portal on airpointer 2.4.107-2 was vulnerable to local file inclusion. A malicious user with administrative privileges in the web portal would be able to manipulate requests to view files on the filesystem...

CVSS 4.1 | EPSS 0.00243
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 1:09 a.m. | 6 views

CVE-2010-4634

Directory traversal vulnerability in osTicket 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to module.php, a different vector than CVE-2005-1439. NOTE: this issue has been disputed by a reliable third party...

CVSS 7.5 | AI score 7 | EPSS 0.00937
Exploits 1 | References 1

Tenable Nessus
added 2024/07/18 12:00 a.m. | 22 views

RHEL 8 : firefox (RHSA-2024:4634)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4634 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: Mozilla:...

CVSS 7.5 | AI score 7.5 | EPSS 0.0038
Exploits 0 | References 8

Vulnrichment
added 2024/05/16 11:05 a.m. | 13 views

CVE-2024-4634 Elementor Header & Footer Builder <= 1.6.28 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hfe_svg_mime_types’ function in versions up to, and including, 1.6.28 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVSS 6.4 | AI score 5.8 | EPSS 0.00273
Exploits 0 | References 3

Cvelist
added 2024/05/16 11:05 a.m. | 29 views

CVE-2024-4634 Elementor Header & Footer Builder <= 1.6.28 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hfe_svg_mime_types’ function in versions up to, and including, 1.6.28 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVSS 6.4 | AI score 6.3 | EPSS 0.00273
Exploits 0 | References 3

OpenVAS
added 2023/12/04 12:00 a.m. | 35 views

SUSE: Security Advisory (SUSE-SU-2023:4634-1)

The remote host is missing an update for the...

CVSS 8.8 | AI score 7.7 | EPSS 0.88643
Exploits 38 | References 28

Tenable Nessus
added 2023/11/06 12:00 a.m. | 18 views

Rocky Linux 8 : libtiff (RLSA-2020:4634)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:4634 advisory. tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer...

CVSS 8.8 | AI score 7.1 | EPSS 0.00373
Exploits 0 | References 3

0day.today
added 2023/10/09 12:00 a.m. | 182 views

Wordpress Media Library Assistant Plugin - Remote Code Execution / Local File Inclusion Exploit

Exploit Title: Media Library Assistant Wordpress Plugin - RCE and LFI CVE: CVE-2023-4634 Exploit Author: Florent MONTEL / Patrowl.io / @Pepitoh / Twitter @Pepitooh Exploitation path: https://patrowl.io/blog-wordpress-media-library-rce-cve-2023-4634/ Exploit:...

CVSS 9.8 | AI score 9.6 | EPSS 0.92062
Exploits 6

Exploit DB
added 2023/10/09 12:00 a.m. | 429 views

Media Library Assistant Wordpress Plugin - RCE and LFI

Exploit Title: Media Library Assistant Wordpress Plugin - RCE and LFI Date: 2023/09/05 CVE: CVE-2023-4634 Exploit Author: Florent MONTEL / Patrowl.io / @Pepitoh / Twitter @Pepitooh Exploitation path: https://patrowl.io/blog-wordpress-media-library-rce-cve-2023-4634/ Exploit:...

CVSS 9.8 | AI score 9.8 | EPSS 0.92062
Exploits 6

wpexploit
added 2023/09/07 12:00 a.m. | 156 views

Media Library Assistant < 3.10 - Unauthenticated Local/Remote File Inclusion & Remote Code Execution

Description: The plugin is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and including, 3.09. This is due to insufficient controls on file paths being supplied to the 'mla_stream_file' parameter from the /includes/mla-stream-image.php file, where images are processe...

CVSS 9.8 | AI score 9.9 | EPSS 0.92062
Exploits 6 | References 3

CVE
added 2023/09/06 8:27 a.m. | 99 views

CVE-2023-4634

Summary of CVE-2023-4634: The WordPress plugin Media Library Assistant (versions up to 3.09, fixed in 3.10) is vulnerable to Local File Inclusion and Remote Code Execution due to insufficient validation of file paths passed to the mla_stream_file parameter in includes/mla-stream-image.php, where...

CVSS 9.8 | AI score 9.7 | EPSS 0.92062
In wild | Exploits 6 | References 5 | Affected Software 1

Vulnrichment
added 2023/09/06 8:27 a.m. | 11 views

CVE-2023-4634 Media Library Assistant <= 3.09 - Unauthenticated Local/Remote File Inclusion & Remote Code Execution

The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and including, 3.09. This is due to insufficient controls on file paths being supplied to the 'mla_stream_file' parameter from the /includes/mla-stream-image.php file,...

CVSS 9.8 | AI score 7.8 | EPSS 0.92062
Exploits 6 | References 5

Patchstack
added 2023/09/06 12:00 a.m. | 23 views

WordPress Media Library Assistant Plugin <= 3.09 is vulnerable to Remote Code Execution (RCE)

Software: Media Library Assistant
Type: Plugin
Vulnerable versions: <= 3.09
Fixed in: 3.10
OWASP Top 10: A1: Injection
Classification: Remote Code Execution (RCE)
CVE: CVE-2023-4634
Patch priority: High
CVSS severity: High (10)
PSID: a9f84b644a17
Credits: Pepitoh
Required privilege...

CVSS 9.8 | AI score 7.5 | EPSS 0.92062
Exploits 6 | References 4 | Affected Software 1

Circl
added 2023/09/05 11:57 a.m. | 230 views

CVE-2023-4634

creationtimestamp | type | source
---|---|---
2023-09-05 11:57:15+00:00 | published-proof-of-concept | https://t.me/GithubRedTeam/5085
2023-09-06 09:31:08+00:00 | published-proof-of-concept | https://t.me/thebugbountyhunter/7744
2023-09-06 12:17:47+00:00 | seen | https://t.me/cibsecurity/69963
2023-09-07...

CVSS 9.8 | AI score 7.3 | EPSS 0.92062
In wild | Exploits 6 | References 12

GithubExploit
added 2023/09/05 7:44 a.m. | 631 views

Exploit for CVE-2023-4634

CVE-2023-4634 RCE Exploit for Wordpress Plugin Media-Library P...

CVSS 9.8 | AI score 9.6 | EPSS 0.92062
Exploits 6