69 matches found
CVE-2026-4809

creationtimestamp | type | source
---|---|---
2026-03-26 14:03:38+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mhxrgxrhl225
2026-03-26 21:00:18+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116297486638382284
2026-03-26 21:00:19+00:00 | seen |...

CVE-2026-4809
Brand-new CVE entry CVE-2026-4809 affects plank/laravel-mediable up to version 6.4.0. In vulnerable configurations that accept a client-supplied MIME type during file upload, an attacker can submit a file containing executable PHP code while declaring a benign image MIME type, enabling arbitrary ...
CVE-2026-4809
plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while...
CVE-2023-4809
In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. That is, a packet with multiple fragment extension headers would not be recognized as the correct ultimate payload. Instead a...
CVE-2025-4809
CVE-2025-4809 affects Tenda AC7 (version 15.03.06.44). The vulnerability is in the fromSafeSetMacFilter function of /goform/setMacFilterCfg; manipulating the deviceList argument causes a stack-based buffer overflow. Remote access is possible, and the exploit has been disclosed publicly. Multiple ...
CVE-2024-4809

creationtimestamp | type | source
---|---|---
2025-02-14 10:03:08+00:00 | seen | Telegram/4PHn7VIJugRAQoaUCu49KNO9Hr4-EF0X86lRMcczXEfPK0j...

CVE-2024-4809
A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file setting.php. The manipulation of the argument logo leads to unrestricted upload. The attack can be launched...
CVE-2023-5770
The CVE-2023-5770 issue affects Proofpoint Enterprise Protection’s email delivery agent. The vulnerability arises from inappropriate encoding when rewriting emails before delivery, allowing an unauthenticated attacker to inject improperly encoded HTML into the email body via the subject. Affected...
Ubuntu 16.04 ESM : VideoLAN x265 vulnerability (USN-4809-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4809-1 advisory. It was discovered that VideoLAN x265 mishandled certain memory-allocation inputs. An attacker could use this vulnerability to cause a denial of service crash...
CVE-2023-4809

creationtimestamp | type | source
---|---|---
2023-09-13 11:01:01+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/9015
2023-12-22 00:26:34+00:00 | seen | https://t.me/ctinow/158081
2024-08-16 08:24:29+00:00 | seen | https://t.me/Rootsec2/962
2025-02-14 10:08:17+00:00 | seen |...

CVE-2023-4809 pf incorrectly handles multiple IPv6 fragment headers
In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. That is, a packet with multiple fragment extension headers would not be recognized as the correct ultimate payload. Instead a...
CVE-2023-4809
The CVE-2023-4809 issue affects FreeBSD pf: in a scrub fragment reassemble scenario, a packet carrying multiple IPv6 fragment headers can be reassembled and then misinterpreted as its payload, allowing IPv6 fragments to bypass pf rules that assume reassembly. Impact: fragmented packets may be for...
RHEL 9 : librsvg2 (RHSA-2023:4809)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4809 advisory. The librsvg2 packages provide a Scalable Vector Graphics (SVG) library based on the libart library. Security Fixes: librsvg: Arbitrary file read when...
Ubuntu: Security Advisory (USN-4809-1)
The remote host is missing an update for the...
CVE-2022-4809
CVE-2022-4809 affects the usememos/memos project (GitHub repository) and is caused by improper access control in versions prior to 0.9.1. The vulnerability can allow an attacker to change user properties (username, email, display name), leading to full account takeover as described in multiple so...
CVE-2022-4809 Improper Access Control in usememos/memos
Improper Access Control in GitHub repository usememos/memos prior to 0.9.1...
Ubuntu: Security Advisory (USN-376-1)
The remote host is missing an update for the...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...