CVE-2026-4650

creationtimestamp| type| source ---|---|--- 2026-05-07 01:33:05+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mla33keb5f2h...

MiracleLinux 7 : python-2.7.5-34.0.1.el7.AXS7 (AXSA:2015-803:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-803:01 advisory. IPy is a Python module for handling IPv4 and IPv6 Addresses and Networks in a fashion similar to perl's Net::IP and friends. The IP class allows a...

MiracleLinux 4 : python-2.6.6-64.0.1.AXS4 (AXSA:2015-418:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-418:02 advisory. Coherence is a framework written in Python enabling applications to participate in digital living networks, such as the UPnP universe. Security issue...

CVE-2025-20759

In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-20759

In MediaTek Modem CVE-2025-20759, the issue is a missing bounds check causing an out-of-bounds read in the Modem component. This can enable remote denial of service when a user equipment (UE) connects to a rogue base station without requiring user interaction and with no additional privileges. Pu...

CVE-2025-4650

User with high privileges is able to introduce a SQLi using the Meta Service indicator page. Caused by an Improper Neutralization of Special Elements used in an SQL Command.This issue affects web: from 24.10.0 before 24.10.9, from 24.04.0 before 24.04.16, from 23.10.0 before 23.10.26...

CVE-2024-4650

A vulnerability classified as problematic was found in Campcodes Complete Web-Based School Management System 1.0. This vulnerability affects unknown code of the file /view/studentduepayment.php. The manipulation of the argument duemonth leads to cross site scripting. The attack can be initiated...

Linux Distros Unpatched Vulnerability : CVE-2014-4650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attacker...

CVE-2024-4650

A vulnerability classified as problematic was found in Campcodes Complete Web-Based School Management System 1.0. This vulnerability affects unknown code of the file /view/studentduepayment.php. The manipulation of the argument duemonth leads to cross site scripting. The attack can be initiated...

CVE-2023-4650

creationtimestamp| type| source ---|---|--- 2023-08-31 07:12:39+00:00| seen| https://t.me/cibsecurity/69500...

CVE-2023-4650 Improper Access Control in instantsoft/icms2

Improper Access Control in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

CVE-2023-4650

CVE-2023-4650 affects instantsoft/icms2 prior to 2.16.1-git and is described as improper access control in the admin account management functionality. Connected sources confirm an admin account takeover/vector exists: a PoC demonstrates an authenticated admin can change other admins’ passwords, e...

SUSE CVE-2010-4650

Buffer overflow in the fusedoioctl function in fs/fuse/file.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging the ability to operate a CUSE server...

CVE-2022-4650

creationtimestamp| type| source ---|---|--- 2023-01-23 18:31:10+00:00| seen| https://t.me/cibsecurity/56852 2025-04-03 19:35:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10334...

CVE-2022-4650

The HashBar WordPress plugin before 1.3.6 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

CVE-2022-4650 HashBar – WordPress Notification Bar < 1.3.6 - Contributor+ Stored XSS via Shortcode

The HashBar WordPress plugin before 1.3.6 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

CVE-2022-4650

The CVE-2022-4650 entry concerns the HashBar WordPress plugin prior to version 1.3.6. Affected component: the shortcode attribute handling in the plugin’s output path. Root cause: lack of validation and escaping for a specific shortcode attribute, enabling Stored Cross-Site Scripting (Stored XSS)...

CVE-2022-4650 HashBar – WordPress Notification Bar < 1.3.6 - Contributor+ Stored XSS via Shortcode

The HashBar WordPress plugin before 1.3.6 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

Mageia: Security Advisory (MGASA-2014-0285)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2014:0997-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...