AlmaLinux 8 : grub2 (ALSA-2026:4648)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:4648 advisory. grub2: Missing unregister call for gettext command may lead to use-after-free CVE-2025-61662 Tenable has extracted the preceding description block directly from th...

MINI-5CM4-4648-CHHX

Bulletin has no description...

MINI-PF2J-4648-76G9

Bulletin has no description...

MINI-VQ67-4648-6284

Bulletin has no description...

EUVD-2018-4648

Malware in sbrugna...

ECHO-3C02-4648-A9FA

Bulletin has no description...

CVE-2025-4648

Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS. A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0 before 24.04.11, from...

CVE-2025-4648

The content of a SVG file, received as input in Centreon web, was not properly checked. Allows Reflected XSS. A user with elevated privileges can inject JS script by altering the content of a SVG media, during the submit request. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0...

CVE-2025-4648

Centreon web is affected by a reflected XSS vulnerability (CVE-2025-4648) where the content of an uploaded SVG file is not properly validated. A user with elevated privileges can inject JavaScript by altering a SVG media during submission. Affected versions include Centreon web 22.10.0–22.10.29, ...

CVE-2025-4648 A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request.

The content of a SVG file, received as input in Centreon web, was not properly checked. Allows Reflected XSS. A user with elevated privileges can inject JS script by altering the content of a SVG media, during the submit request. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0...

CVE-2025-4648 A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request.

The content of a SVG file, received as input in Centreon web, was not properly checked. Allows Reflected XSS. A user with elevated privileges can inject JS script by altering the content of a SVG media, during the submit request. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0...

CVE-2025-4648 A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request.

The content of a SVG file, received as input in Centreon web, was not properly checked. Allows Reflected XSS. A user with elevated privileges can inject JS script by altering the content of a SVG media, during the submit request. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0...

CVE-2024-4648

creationtimestamp| type| source ---|---|--- 2025-02-19 19:14:02+00:00| seen| Telegram/kIaNLUvKjRPtGQFB9JLl8PrTBjclExTrVXwDBXDf-HrsN3TU...

[SECURITY] Fedora 39 Update: ghc-base64-0.4.2.4-28.fc39

RFC 4648-compliant Base64 with an eye towards performance and modernity additional support for RFC 7049 standards...

Fedora: Security Advisory for ghc-base64 (FEDORA-2024-7d83cbccb6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-4648

CVE-2023-4648 affects the WP Customer Reviews plugin for WordPress. It is a Stored XSS in admin settings (versions

CVE-2023-4648 WP Customer Reviews <= 3.6.6 - Authenticated (Administrator+) Stored Cross-Site Scripting

The WP Customer Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 3.6.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions...

WordPress WP Customer Reviews Plugin <= 3.6.6 is vulnerable to Cross Site Scripting (XSS)

Software WP Customer Reviews Type Plugin Vulnerable versions = 3.6.6 Fixed in 3.6.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4648 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 36513c06abe2 Credits Marco Wotschka...

SUSE CVE-2010-4648

The orinocoioctlsetauth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel before 2.6.37 does not properly implement a TKIP protection mechanism, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading Wi-Fi frames...

CVE-2022-4648

creationtimestamp| type| source ---|---|--- 2023-01-16 18:24:26+00:00| seen| https://t.me/cibsecurity/56550...