
75 matches found

Circl
added 2026/05/22 1:05 p.m. | 3 views

CVE-2026-4646

creationtimestamp | type | source
---|---|---
2026-05-22 13:05:33+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmgyrlntzy2n...

CVSS 4.3 | AI score 5.8 | EPSS 0.00069
Exploits: 0 | References: 1

NVD
added 2026/05/22 11:16 a.m. | 6 views

CVE-2026-4646

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate user-supplied input in API request handlers which allows an authenticated attacker to crash the plugin process via a crafted HTTP request to the PR details endpoint. Mattermost Advisory ID:...

CVSS 4.3 | EPSS 0.00069
Exploits: 0 | References: 1

OSV
added 2026/03/04 5:21 a.m. | 2 views

MINI-4646-VWQ5-FPJ6

Bulletin has no description...

CVSS 8.6 | AI score 7 | EPSS 0.00003
Exploits: 0

Positive Technologies
added 2026/01/25 12:00 a.m. | 7 views

PT-2026-4646

Name of the Vulnerable Software and Affected Versions: Apache Hadoop, affected versions not specified
Description: An out-of-bounds write flaw exists in the Hadoop HDFS client's URI parser. This issue affects the native client.
Recommendations: At the moment, there is no information about a...

CVSS 7.3 | AI score 5.9 | EPSS 0.00045
Exploits: 0 | References: 22

RedhatCVE
added 2025/05/23 7:36 a.m. | 4 views

CVE-2024-4646

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /view/studentpaymentdetails.php. The manipulation of the argument index leads to cross site scripting. It is possible to launc...

CVSS 6.1 | AI score 6 | EPSS 0.00248
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 9:47 a.m. | 7 views

CVE-2011-4646

SQL injection vulnerability in wp-postratings.php in the WP-PostRatings plugin 1.50, 1.61, and probably other versions before 1.62 for WordPress allows remote authenticated users with the Author role to execute arbitrary SQL commands via the id attribute of the ratings shortcode when creating a...

CVSS 6 | AI score 8.4 | EPSS 0.00318
Exploits: 1 | References: 1

NVD
added 2025/05/13 10:15 a.m. | 19 views

CVE-2025-4646

Incorrect Authorization vulnerability in Centreon web API Token creation form modules allows Privilege Escalation. This issue affects web: from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4...

CVSS 7.2 | EPSS 0.00252
Exploits: 0 | References: 2

Circl
added 2025/05/13 9:30 a.m. | 15 views

CVE-2025-4646

creationtimestamp | type | source
---|---|---
2025-05-13 09:30:35+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/16087
2025-05-13 10:52:43+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lp2cxjcyum2e
2025-05-13 13:52:09+00:00 | seen | https://t.me/cvedetector/25175...

CVSS 7.2 | AI score 5.7 | EPSS 0.00252
Exploits: 0 | References: 3

CVE
added 2025/05/13 9:17 a.m. | 42 views

CVE-2025-4646

Centreon Web (API Token creation form modules) is affected by CVE-2025-4646: an Improper Privilege Management vulnerability that can enable privilege escalation. The issue exists in Centreon Web versions 24.04.0 up to, but not including, 24.04.10 and 24.10.0 up to, but not including, 24.10.4. Roo...

CVSS 7.2 | AI score 6.3 | EPSS 0.00252
Exploits: 0 | References: 2 | Affected Software: 1

Vulnrichment
added 2025/05/13 9:17 a.m. | 12 views

CVE-2025-4646 A high privilege user is able to create and use a valid admin API token in centreon-web

Incorrect Authorization vulnerability in Centreon web API Token creation form modules allows Privilege Escalation. This issue affects web: from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4...

CVSS 7.2 | AI score 6.3 | EPSS 0.00252
Exploits: 0 | References: 2

Cvelist
added 2025/05/13 9:17 a.m. | 21 views

CVE-2025-4646 A high privilege user is able to create and use a valid admin API token in centreon-web

Incorrect Authorization vulnerability in Centreon web API Token creation form modules allows Privilege Escalation. This issue affects web: from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4...

CVSS 7.2 | EPSS 0.00252
Exploits: 0 | References: 2

Tenable Nessus
added 2025/03/04 12:00 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2015-4646

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - (1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service application cra...

CVSS 7.5 | AI score 7.3 | EPSS 0.01047
Exploits: 0 | References: 2

Circl
added 2025/02/19 7:14 p.m. | 1 view

CVE-2024-4646

creationtimestamp | type | source
---|---|---
2025-02-19 19:14:01+00:00 | seen | Telegram/SAR12NtYIdEQ-8bAwUTDiV0Q6nkS2D6kNJIj13qpbCQV0ANu...

CVSS 6.1 | AI score 4.4 | EPSS 0.00248
Exploits: 1

OpenVAS
added 2024/03/04 12:00 a.m. | 24 views

openSUSE: Security Advisory for squashfs (SUSE-SU-2023:4591-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.1 | AI score 7.4 | EPSS 0.03585
Exploits: 2 | References: 2

OpenVAS
added 2023/11/28 12:00 a.m. | 28 views

SUSE: Security Advisory (SUSE-SU-2023:4591-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.1 | AI score 7.2 | EPSS 0.03585
Exploits: 2 | References: 6

Tenable Nessus
added 2023/11/28 12:00 a.m. | 18 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : squashfs (SUSE-SU-2023:4591-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4591-1 advisory. - Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch...

CVSS 8.1 | AI score 7 | EPSS 0.03585
Exploits: 2 | References: 12

Tenable Nessus
added 2023/11/14 12:00 a.m. | 23 views

SUSE SLES12 Security Update : squashfs (SUSE-SU-2023:4424-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4424-1 advisory. - Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a...

CVSS 8.1 | AI score 7 | EPSS 0.03585
Exploits: 2 | References: 14

OpenVAS
added 2023/11/14 12:00 a.m. | 17 views

SUSE: Security Advisory (SUSE-SU-2023:4424-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.1 | AI score 7.2 | EPSS 0.03585
Exploits: 2 | References: 8

CVE
added 2023/10/16 7:39 p.m. | 45 views

CVE-2023-4646

CVE-2023-4646 affects the WordPress plugin Simple Posts Ticker (versions before 1.1.6). The flaw is insufficient validation/escaping of shortcode attributes, allowing stored XSS when a user with Contributor+ privileges outputs the shortcode on a post/page. The vulnerability is confirmed in multip...

CVSS 5.4 | AI score 5.5 | EPSS 0.00109
Exploits: 2 | References: 1 | Affected Software: 1

Cvelist
added 2023/10/16 7:39 p.m. | 13 views

CVE-2023-4646 Simple Posts Ticker < 1.1.6 - Contributor+ Stored XSS

The Simple Posts Ticker WordPress plugin before 1.1.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

AI score 5.5 | EPSS 0.00109
Exploits: 2 | References: 1