CVE-2025-4656 vulnerabilities

Vulnerabilities for packages: splunk-otel-collector-fips, splunk-otel-collector...

Vault Community Edition rekey and recovery key operations can cause denial of service

Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability CVE-2025-4656 has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17...

GHSA-FHC2-8QX8-6VJ7 Vault Community Edition rekey and recovery key operations can cause denial of service

Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability CVE-2025-4656 has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17...

CVE-2025-4656

A key handling flaw has been discovered in Vault. The rekey and recovery key operations may lead to a denial of service in the vault application due to uncontrolled cancellations of these operations. Mitigation Mitigation for this issue is either not available or the currently available options d...

CVE-2025-4656

Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability CVE-2025-4656 has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17...

CVE-2025-4656

creationtimestamp| type| source ---|---|--- 2025-06-25 16:47:42+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19484...

CVE-2025-4656

CVE-2025-4656 affects Vault Community Edition and Vault Enterprise: rekey and recovery key operations can cause a denial of service due to uncontrolled cancellation by a Vault operator. The issue is mitigated in Vault Community Edition 1.20.0 and Vault Enterprise updates 1.20.0, 1.19.6, 1.18.11, ...

CVE-2025-4656 Vault Vulnerable to Recovery Key Cancellation Denial of Service

Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability CVE-2025-4656 has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17...

CVE-2025-4656 Vault Vulnerable to Recovery Key Cancellation Denial of Service

Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability CVE-2025-4656 has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17...

CVE-2022-4656

The WP Visitor Statistics Real Time Traffic WordPress plugin before 6.5 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

Linux Distros Unpatched Vulnerability : CVE-2014-4656

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of...

CVE-2023-4656

creationtimestamp| type| source ---|---|--- 2025-02-11 02:16:51+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhulpj342t2v...

CGA-Q5R4-Q42H-4656

Bulletin has no description...

CVE-2024-4656 Import and export users and customers <= 1.26.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Import and export users and customers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user agent header in all versions up to, and including, 1.26.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-4492

A vulnerability, which was classified as critical, has been found in Tenda i21 1.0.0.144656. This issue affects the function formOfflineSet of the file /goform/setStaOffline. The manipulation of the argument GO/ssidIndex leads to stack-based buffer overflow. The attack may be initiated remotely...

Tenda i21 安全漏洞

Tenda i21 is a wireless access point from Tenda China. A security vulnerability exists in Tenda i21 version 1.0.0.144656, which stems from an incorrect operation of the parameter ssidIndex that can cause a stack-based buffer overflow. No details of the vulnerability are provided at this time...

CVE-2018-4656

Rejected reason: This candidate is unused by its CNA...

Debian: Security Advisory (DLA-0015-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-4656

The CVE-2022-4656 vulnerability affects the WordPress plugin WP Visitor Statistics (Real Time Traffic) prior to version 6.5. It arises because a shortcode attribute is not properly validated/escaped, enabling Stored XSS when a user with as low as Contributor privileges views the shortcode output....

CVE-2022-4656 WP Visitor Statistics (Real Time Traffic) < 6.5 - Contributor+ Stored XSS via Shortcode

The WP Visitor Statistics Real Time Traffic WordPress plugin before 6.5 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...