Lucene search
K

52 matches found

OSV
OSV
added 2026/06/24 11:48 a.m.2 views

MINI-4648-HX62-GJJV

Bulletin has no description...

8.2CVSS5.7AI score0.00208EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.4 views

AlmaLinux 8 : grub2 (ALSA-2026:4648)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:4648 advisory. grub2: Missing unregister call for gettext command may lead to use-after-free CVE-2025-61662 Tenable has extracted the preceding description block directly from th...

7.8CVSS5.9AI score0.00194EPSS
Exploits0References3
OSV
OSV
added 2026/03/06 1:45 a.m.1 views

MINI-5CM4-4648-CHHX

Bulletin has no description...

8CVSS5.9AI score0.00472EPSS
Exploits0
OSV
OSV
added 2025/11/02 2:49 a.m.4 views

MINI-PF2J-4648-76G9

Bulletin has no description...

5.3CVSS6.6AI score0.00443EPSS
Exploits0
OSV
OSV
added 2025/10/27 9:46 a.m.3 views

MINI-VQ67-4648-6284

Bulletin has no description...

5.2CVSS7AI score0.00152EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-4648

Malware in sbrugna...

6.1CVSS6.3AI score0.00705EPSS
Exploits0References3
OSV
OSV
added 2025/09/15 1:11 a.m.2 views

ECHO-3C02-4648-A9FA

Bulletin has no description...

4.7CVSS7AI score0.001EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/15 10:10 a.m.24 views

CVE-2025-4648

Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS. A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0 before 24.04.11, from...

8.4CVSS6.5AI score0.00224EPSS
Exploits0References4
NVD
NVD
added 2025/05/13 10:15 a.m.48 views

CVE-2025-4648

The content of a SVG file, received as input in Centreon web, was not properly checked. Allows Reflected XSS. A user with elevated privileges can inject JS script by altering the content of a SVG media, during the submit request. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0...

8.4CVSS0.00224EPSS
Exploits0References2
CVE
CVE
added 2025/05/13 9:45 a.m.49 views

CVE-2025-4648

Centreon web is affected by a reflected XSS vulnerability (CVE-2025-4648) where the content of an uploaded SVG file is not properly validated. A user with elevated privileges can inject JavaScript by altering a SVG media during submission. Affected versions include Centreon web 22.10.0–22.10.29, ...

8.4CVSS6.3AI score0.00224EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/13 9:45 a.m.10 views

CVE-2025-4648 A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request.

The content of a SVG file, received as input in Centreon web, was not properly checked. Allows Reflected XSS. A user with elevated privileges can inject JS script by altering the content of a SVG media, during the submit request. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0...

8.4CVSS6.3AI score0.00224EPSS
Exploits0References2
OSV
OSV
added 2025/05/13 9:45 a.m.13 views

CVE-2025-4648 A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request.

The content of a SVG file, received as input in Centreon web, was not properly checked. Allows Reflected XSS. A user with elevated privileges can inject JS script by altering the content of a SVG media, during the submit request. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0...

8.4CVSS6.6AI score0.00224EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/05/13 9:45 a.m.46 views

CVE-2025-4648 A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request.

The content of a SVG file, received as input in Centreon web, was not properly checked. Allows Reflected XSS. A user with elevated privileges can inject JS script by altering the content of a SVG media, during the submit request. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0...

8.4CVSS0.00224EPSS
Exploits0References2
Circl
Circl
added 2025/02/19 7:14 p.m.7 views

CVE-2024-4648

creationtimestamp| type| source ---|---|--- 2025-02-19 19:14:02+00:00| seen| Telegram/kIaNLUvKjRPtGQFB9JLl8PrTBjclExTrVXwDBXDf-HrsN3TU...

6.1CVSS4.4AI score0.00447EPSS
Exploits1
Fedora
Fedora
added 2024/03/30 1:9 a.m.17 views

[SECURITY] Fedora 39 Update: ghc-base64-0.4.2.4-28.fc39

RFC 4648-compliant Base64 with an eye towards performance and modernity additional support for RFC 7049 standards...

6.3CVSS6.3AI score0.00368EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/03/29 12:0 a.m.14 views

Fedora: Security Advisory for ghc-base64 (FEDORA-2024-7d83cbccb6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.3CVSS5.9AI score0.00368EPSS
Exploits1References2
CVE
CVE
added 2023/10/20 7:29 a.m.74 views

CVE-2023-4648

CVE-2023-4648 affects the WP Customer Reviews plugin for WordPress. It is a Stored XSS in admin settings (versions

4.8CVSS4.9AI score0.00303EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/20 7:29 a.m.40 views

CVE-2023-4648 WP Customer Reviews <= 3.6.6 - Authenticated (Administrator+) Stored Cross-Site Scripting

The WP Customer Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 3.6.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions...

4.4CVSS4.9AI score0.00303EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/09/14 12:0 a.m.31 views

WordPress WP Customer Reviews Plugin <= 3.6.6 is vulnerable to Cross Site Scripting (XSS)

Software WP Customer Reviews Type Plugin Vulnerable versions = 3.6.6 Fixed in 3.6.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4648 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 36513c06abe2 Credits Marco Wotschka...

4.8CVSS6AI score0.00303EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.3 views

SUSE CVE-2010-4648

The orinocoioctlsetauth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel before 2.6.37 does not properly implement a TKIP protection mechanism, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading Wi-Fi frames...

3.3CVSS6.5AI score0.0153EPSS
Exploits1References5
Rows per page
Query Builder