RHEL 8 : container-tools:rhel8 (RHSA-2026:4672)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4672 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang:...
WordPress Offsprout Page Builder plugin 2.2.1-2.15.2 - Authenticated (Contributor+) Privilege Escalation via permission_callback Function
Authenticated (Contributor+) Privilege Escalation via permission_callback Function vulnerability discovered by kr0d in WordPress Plugin Offsprout Page Builder versions 2.2.1-2.15.2...
RHEL 9 : containernetworking-plugins (RHSA-2024:4672)
The remote Red Hat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4672 advisory. The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Lin...
CGA-4672-RR8G-34R5
Bulletin has no description...
CVE-2024-4672
A vulnerability classified as problematic was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/show_student_subject.php. The manipulation of the argument id leads to cross-site scripting. The attack can ...
CVE-2024-4672 Campcodes Complete Web-Based School Management System show_student_subject.php cross site scripting
A vulnerability classified as problematic was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/show_student_subject.php. The manipulation of the argument id leads to cross-site scripting. The attack can ...
openSUSE: Security Advisory for suse (SUSE-SU-2023:4672-1)
The remote host is missing an update for the...
CVE-2023-4672
creationtimestamp | type | source
---|---|---
2023-12-28 11:26:38+00:00 | seen | https://t.me/ctinow/159998...
CVE-2023-4672
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Talent Software ECOP allows Reflected XSS. This issue affects ECOP: before 32255...
CVE-2023-4672
CVE-2023-4672 describes an Improper Neutralization of Input During Web Page Generation (XSS) in Talent Software ECOP disclosed as a reflected XSS affecting ECOP: before 32255. Supporting sources (NVD/NIST, CVE listings) consistently attribute the issue to input handling during web page generation...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : suse-build-key (SUSE-SU-2023:4672-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:4672-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's...
CVE-2018-4672
Rejected reason: This candidate is unused by its CNA...
CVE-2022-4672
creationtimestamp | type | source
---|---|---
2023-01-23 18:31:20+00:00 | seen | https://t.me/cibsecurity/56859...
CVE-2022-4672 WordPress Simple Shopping Cart < 4.6.2 - Contributor+ Stored XSS via Shortcode
The WordPress Simple Shopping Cart WordPress plugin before 4.6.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used...
CVE-2022-4672
CVE-2022-4672 affects WordPress Simple Shopping Cart (plugin) versions prior to 4.6.2. The root cause is a lack of validation and escaping of certain shortcode attributes before output, enabling Stored XSS by a user with a role as low as contributor against high-privilege admins. Public details show...
CVE-2020-4672
creationtimestamp | type | source
---|---|---
2020-11-16 20:37:48+00:00 | seen | https://t.me/cibsecurity/16375...
Security Bulletin: IBM QRadar Advisor With Watson App for IBM QRadar SIEM is vulnerable to information exposure (CVE-2019-4672)
Summary: IBM QRadar Advisor with Watson App for IBM QRadar SIEM could allow an unauthorized attacker to obtain sensitive information from specially crafted HTTP requests that could aid in further attacks against the system. Vulnerability Details: CVEID: CVE-2019-4672. DESCRIPTION: IBM QRadar Advisor...
CVE-2019-4672
IBM QRadar Advisor (1.1–2.5) is affected by CVE-2019-4672. The root issue is information exposure: an unauthorized attacker can obtain sensitive information via specially crafted HTTP requests, potentially aiding further attacks. Affected product: QRadar Advisor with Watson App for QRadar SIEM. R...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4672)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4672 advisory. - Bluetooth: hidp: fix buffer overflow Young Xiao Orabug: 29786787 CVE-2011-1079 CVE-2019-11884 - x86/speculation/mds: Fix verw usage to use memory...
LogonTracer - Investigate Malicious Windows Logon By Visualizing And Analyzing Windows Event Log
Investigate malicious logon by visualizing and analyzing Windows Active Directory event logs. Concept: LogonTracer associates a host name or an IP address and account name found in logon-related events and displays it as a graph. This way, it is possible to see in which account login attempt occur...