Lucene search
K

53 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.8 views

Debian dla-4636 : thunderbird - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4636 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4636-1 [email protected]...

9.6CVSS6.3AI score0.00476EPSS
Exploits0References61
vulnersOsv
vulnersOsv
added 2026/04/02 3:31 p.m.7 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +160 more potentially affected by CVE-2026-4636 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.5.6)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.0, =1.2.0 and more Source cves: CVE-2026-4636 Source advisory: OSV:GHSA-F2HX-5FX3-HMCVhttps://vulners.com/osv/OSV:GHSA-F2HX-5FX3-...

8.1CVSS5.5AI score0.00346EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/04/02 1:55 p.m.8 views

Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.2.15 Images Update

New images are available for Red Hat build of Keycloak 26.2.15 and Red Hat build of Keycloak 26.2.15 Operator, running on OpenShift Container Platform Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Ha...

8.1CVSS5.9AI score0.00523EPSS
Exploits1References1
CVE
CVE
added 2025/05/30 8:24 a.m.46 views

CVE-2025-4636

CVE-2025-4636 concerns local privilege escalation in the Airpointer web platform. Multiple connected sources describe that excessive privileges granted to the web user allow a user-space compromise to escalate to root if an attacker gains control of that account. Documents consistently indicate t...

7.8CVSS7.9AI score0.00139EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:46 a.m.7 views

CVE-2024-4636

The Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘allowmemetypes’ function in versions up to, and including, 3.12.10 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS5.8AI score0.0042EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/15 6:51 a.m.9 views

CVE-2024-4636 Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF <= 3.12.10 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload

The Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘allowmemetypes’ function in versions up to, and including, 3.12.10 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS5.8AI score0.0042EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/15 6:51 a.m.33 views

CVE-2024-4636 Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF <= 3.12.10 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload

The Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘allowmemetypes’ function in versions up to, and including, 3.12.10 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS6AI score0.0042EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/05/15 12:0 a.m.14 views

WordPress Optimole Plugin <= 3.12.10 is vulnerable to Cross Site Scripting (XSS)

Software Optimole Type Plugin Vulnerable versions = 3.12.10 Fixed in 3.13.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4636 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9a2ec8f02493 Credits wesley wcraft Required...

6.4CVSS5.8AI score0.0042EPSS
Exploits0References3Affected Software1
GithubExploit
GithubExploit
added 2023/12/13 5:59 p.m.696 views

Exploit for CVE-2023-4636

CVE-2023-4636 - The vulnerability in the limelight is an unau...

4.8CVSS8.1AI score0.0088EPSS
Exploits2
Patchstack
Patchstack
added 2023/09/06 12:0 a.m.23 views

WordPress User Private Files Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software User Private Files Type Plugin Vulnerable versions = 2.0.3 Fixed in 2.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4636 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a3eddd47293a Credits Shuning Xu Required...

4.8CVSS6AI score0.0088EPSS
Exploits2References3Affected Software1
Circl
Circl
added 2023/09/05 7:16 a.m.7 views

CVE-2023-4636

creationtimestamp| type| source ---|---|--- 2023-09-05 07:16:42+00:00| seen| https://t.me/cibsecurity/69812 2023-12-13 19:04:16+00:00| published-proof-of-concept| https://t.me/blackcybersec/55 2023-12-13 19:05:47+00:00| published-proof-of-concept| https://t.me/DailyToolz/1080...

4.8CVSS6.5AI score0.0088EPSS
Exploits2References3
CVE
CVE
added 2023/09/05 2:25 a.m.104 views

CVE-2023-4636

The CVE-2023-4636 issue affects the WordPress File Sharing Plugin for WordPress, version 2.0.3 and earlier. It is a Stored Cross-Site Scripting vulnerability caused by insufficient input sanitization and output escaping in admin settings, exploitable by authenticated users with administrator-leve...

4.8CVSS4.9AI score0.0088EPSS
Exploits2References3Affected Software1
CVE
CVE
added 2023/01/10 7:54 p.m.49 views

CVE-2022-4636

Affected Product: Black Box KVM Firmware v3.4.31307 for models ACR1000A-R-R2, ACR1000A-T-R2, ACR1002A-T, ACR1002A-R, ACR1020A-T. Vulnerability: path traversal via local file inclusion (CWE-22) allowing an attacker to access credentials and sensitive data. Root cause: improper validation of pathna...

7.5CVSS7.2AI score0.00876EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2022/12/30 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2022:4636-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.5AI score0.00884EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/11/18 12:0 a.m.17 views

Ubuntu: Security Advisory (USN-4636-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01613EPSS
Exploits1References2
CVE
CVE
added 2020/10/16 4:40 p.m.44 views

CVE-2020-4636

CVE-2020-4636 affects IBM Resilient OnPrem (IBM Security SOAR), where a privileged user could inject malicious commands via Python3 scripting (sys module). Root cause involves Python3 scripting capability enabled in Resilient OnPrem 38.2 beta/GA, leading to command injection. Published details in...

8.2CVSS6.6AI score0.01104EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/15 11:3 p.m.18 views

Security Bulletin: IBM Resilient SOAR could allow a privileged user to inject malicious commands through Python3 scripting (CVE-2020-4636).

Summary It was possible for a privileged user to inject malicious commands through Python3 scripting, using the sys module, in a Beta version of Resilient. Vulnerability Details CVEID: CVE-2020-4636 DESCRIPTION: IBM Resilient could allow a privileged user to inject malicious commands through...

8.2CVSS1.6AI score0.01104EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/03/02 12:0 a.m.30 views

Debian DSA-4636-1 : python-bleach - security update

It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when'noscript' and one or more raw text tags were whitelisted. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

6.1CVSS7.3AI score0.01688EPSS
Exploits1References5
CVE
CVE
added 2020/01/28 6:30 p.m.38 views

CVE-2019-4636

IBM Security Secret Server 10.7 is affected by CVE-2019-4636: an authenticated user could obtain leaked information from error messages. The IBM bulletin lists this among multiple vulnerabilities and notes remediation via upgrade to fixpack 10.7.000059. Root cause details are not provided in the ...

4CVSS4.6AI score0.00803EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/05/15 12:0 a.m.38 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4636)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4636 advisory. - x86/speculation/mds: Make cpumatches cpuinit Patrick Colp Orabug: 29751729 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 -...

5.9CVSS6.7AI score0.01553EPSS
Exploits0References5
Rows per page
Query Builder