CVE-2026-4658

creationtimestamp| type| source ---|---|--- 2026-05-06 10:33:05+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3ml6is7xukc2q...

MiracleLinux 7 : libxml2-2.9.1-6.6.0.1.el7.AXS7 (AXSA:2021-2474:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2474:03 advisory. libxml2: Use after free via namespace node in XPointer ranges CVE-2016-4658 Tenable has extracted the preceding description block directly from the...

CVE-2025-20787

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658...

CVE-2025-20787

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658...

CVE-2025-20787

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658...

RockyLinux 8 : libtiff (RLSA-2025:4658)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:4658 advisory. libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service CVE-2017-17095 Tenable has extracted the preceding description block directly...

CVE-2022-4658

The RSSImport WordPress plugin through 4.6.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

CVE-2025-4658

Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...

OPKSSH Vulnerable to Authentication Bypass

Impact Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5....

GHSA-56WX-66PX-9J66 OPKSSH Vulnerable to Authentication Bypass

Impact Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5....

CVE-2025-4658

Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...

CVE-2025-4658

creationtimestamp| type| source ---|---|--- 2025-05-13 16:53:23+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114501563358261613...

CVE-2025-4658 Authentication Bypass in OPKSSH

Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...

CVE-2025-4658

Removed by vendor...

CVE-2025-4658

CVE-2025-4658 affects the OpenPubkey library prior to 0.10.0, which allows a specially crafted JWS to bypass signature verification. Because OPKSSH relies on OpenPubkey for authentication, OPKSSH versions prior to 0.5.0 are also vulnerable and could bypass authentication. Public references in OSV...

libxml2 security update

2.9.1-6.0.5 - Fix CVE-2024-56171 Orabug: 37694105 - Fix CVE-2025-24928 Orabug: 37694105 2.9.1-6.0.3 - Rebuild to include attribution logo Orabug: 33024216 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-6.6 - Fix CVE-2016-4658 1966916...

CVE-2024-4658

creationtimestamp| type| source ---|---|--- 2024-10-10 16:46:37+00:00| seen| https://t.me/cvedetector/7608...

CVE-2024-4658

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TE Informatics Nova CMS allows SQL Injection. This issue affects Nova CMS: before 5.0...

RHEL 6 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Use after free via namespace node in XPointer ranges CVE-2016-4658 - libxml2: Missing validation...

RHEL 5 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Use after free via namespace node in XPointer ranges CVE-2016-4658 - libxml2: Missing validation...