57 matches found
CVE-2025-20743
In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651...
CVE-2025-20743
In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651...
CVE-2025-20743
In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651...
CVE-2022-4651
The Justified Gallery WordPress plugin before 1.7.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...
Linux Distros Unpatched Vulnerability : CVE-2010-4651
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a...
RHEL 5 : patch (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - patch: Malicious patch files cause ed to execute arbitrary commands CVE-2018-1000156 - Directory traversa...
CVE-2018-4651
Rejected reason: This candidate is unused by its CNA...
Incomplete fix for SSRF in CVE-2023-4651
Description The fix commit a6bf758de0b3242b0c0e4b47a588aae0c94305b0 for CVE-2023-4651 is not complete. Only ip based URLs are blocked. Proof of Concept Clone the latest repo and install. On server, listen for 1234 on localhost. Use http://localhost:1234/ as URL for image upload. Observe a hit on...
CVE-2023-4651
creationtimestamp| type| source ---|---|--- 2023-08-31 07:12:49+00:00| seen| https://t.me/cibsecurity/69507...
CVE-2023-4651
Server-Side Request Forgery SSRF in GitHub repository instantsoft/icms2 prior to 2.16.1...
CVE-2023-4651 Server-Side Request Forgery (SSRF) in instantsoft/icms2
Server-Side Request Forgery SSRF in GitHub repository instantsoft/icms2 prior to 2.16.1...
CVE-2023-4651
CVE-2023-4651 describes a Server-Side Request Forgery (SSRF) in instantsoft/icms2 prior to 2.16.1. Affected component: icms2 server handling image/url fetches. Root cause: SSRF in how URLs are processed, allowing the server to make unintended requests. Impact: as described by the sources, potenti...
CVE-2023-4651 Server-Side Request Forgery (SSRF) in instantsoft/icms2
Server-Side Request Forgery SSRF in GitHub repository instantsoft/icms2 prior to 2.16.1...
SUSE CVE-2015-4651
The dissectwccp2r1addresstableinfo function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remote attackers to cause a denial of service applicatio...
CVE-2022-4651
CVE-2022-4651 affects the WordPress Justified Gallery plugin prior to version 1.7.1. The vulnerability arises because the plugin does not validate and escape one of its shortcode attributes, enabling Stored XSS when a user with a role as low as contributor interacts with the gallery shortcode. Pr...
RHEL 8 : container-tools:2.0 (RHSA-2022:4651)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4651 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: psgo:...
SUSE: Security Advisory (SUSE-SU-2018:1162-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS : MySQL vulnerabilities (USN-4651-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4651-1 advisory. Tom Reynolds discovered that due to a packaging error, the MySQL X Plugin was listening to all network interfaces by default, contrary to expectations. This updat...
CVE-2020-4651
creationtimestamp| type| source ---|---|--- 2020-11-10 00:55:45+00:00| seen| https://t.me/cibsecurity/16055...
CVE-2020-4651
CVE-2020-4651 affects IBM Maximo Spatial Asset Management, specifically versions 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0. The issue is a cross-site request forgery (CSRF) vulnerability that could allow an attacker to perform malicious, unauthorized actions on behalf of a trusted user. The root cau...