78 matches found
CVE-2026-4759
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Oracle Linux 9 : kernel (ELSA-2026-4759)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-4759 advisory. 5.14.0-611.41.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracl...
CVE-2025-20776
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184297; Issue ID: MSV-4759...
CVE-2025-20776
CVE-2025-20776 affects MediaTek chipsets with an out-of-bounds read caused by a missing bounds check. This can enable local privilege escalation to System level without user interaction. Exploitation status is not detailed in the provided documents. Patch: ALPS10184297 (MSV-4759) is referenced. N...
Linux Distros Unpatched Vulnerability : CVE-2016-4759
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause ...
jgit-5.11.0-2.1 on GA media (moderate)
jgit-5.11.0-2.1 on GA media Announcement ID: openSUSE-SU-2025:15232-1 Rating: moderate Cross-References: CVE-2023-4759 CVE-2025-4949 CVSS scores: CVE-2023-4759 SUSE : 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2025-4949 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N Affected...
CVE-2022-4759
The GigPress WordPress plugin before 2.3.28 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
@adpt/testutils (>=0.1.0-next.1 <=0.4.0-next.6), @lavamoat/git-safe-dependencies (>=0.1.1 <=0.2.1) +6 more potentially affected by CVE-2025-4759 via lockfile-lint-api (>=1.0.7 <=5.9.1)
lockfile-lint-api NPM version =1.0.7, =0.1.0-next.1, =0.1.1, =1.0.0, =4.3.1-test1, =1.3.0, =1.0.1, =4.2.2, =4.3.1, =4.7.0 Source cves: CVE-2025-4759 Source advisory: OSV:GHSA-7CFR-5CJF-32P4...
CVE-2025-4759
creationtimestamp | type | source
---|---|---
2025-05-16 05:34:40+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/16632
2025-05-16 06:37:56+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lpbg4v5iuv2p...
CVE-2025-4759
Versions of the package lockfile-lint-api before 5.9.2 are vulnerable to Incorrect Behavior Order: Early Validation via the resolved attribute of the package URL validation which can be bypassed by extending the package name allowing an attacker to install other npm packages than the intended one...
@lavamoat/git-safe-dependencies (>=0.1.1 <=0.2.1) potentially affected by CVE-2025-4759 via lockfile-lint-api (=5.9.1)
lockfile-lint-api NPM version =5.9.1 is affected by a known vulnerability. The following packages have a transitive dependency on lockfile-lint-api and may be impacted: - @lavamoat/git-safe-dependencies =0.1.1, =0.2.1 Source cves: CVE-2025-4759 Source advisory: SNYK:JS-LOCKFILELINTAPI-10169587...
PT-2024-29573 · Undefined · Undefined
"Source": "CVE FEED", "Title": "CVE-2024-41807 - Apache Twait Buffer Corruption", "Content": "CVE ID : CVE-2024-41807 Published : July 26, 2024, 4:15 p.m. | 26 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2023-4759. Reason: This record is a...
CVE-2024-4759 Mime Types Extended <= 0.11 - Author+ Stored XSS via SVG Upload
The Mime Types Extended WordPress plugin through 0.11 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
CVE-2024-4759
CVE-2024-4759 affects the Mime Types Extended WordPress plugin (versions up to 0.11). The issue is that SVG uploads are not sanitised, enabling a stored XSS payload via SVG files by users with as little as Author privileges. Public sources in the connected documents corroborate an Author+ XSS ris...
WordPress Mime Types Extended Plugin <= 0.11 is vulnerable to Cross Site Scripting (XSS)
Software: Mime Types Extended; Type: Plugin; Vulnerable versions: <= 0.11; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-4759; Patch priority: Low; CVSS severity: Low 6.5; PSID: 87b2707f84e3; Credits: Bob Matyas; Required...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.1 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.1 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.1 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...