78 matches found
CVE-2026-4820
creationtimestamp | type | source
---|---|---
2026-04-01 22:18:11+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mihpusgg5427...
Security Bulletin: IBM Maximo Application Suite was vulnerable to CVE-2026-4820 because Cookie ltpatoken2_<workspace_name> was not set with secure flag
Summary: IBM Maximo Application Suite was vulnerable to CVE-2026-4820 because Cookie ltpatoken2 was not set with secure flag. Vulnerability Details: CVEID: CVE-2026-4820. DESCRIPTION: IBM Maximo Application Suite does not set the secure attribute on authorization tokens or session cookies. Attackers m...
MiracleLinux 4 : ghostscript-8.70-11.AXS4.6 (AXSA:2012-100:01)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-100:01 advisory. Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics...
CVE-2025-20766
Summary: CVE-2025-20766 refers to a memory corruption issue caused by improper input validation in MediaTek chipsets. The vulnerability could enable local escalation of privilege to SYSTEM without user interaction, as indicated by a high-severity CVSS v3.1 base score (7.8) with LOCAL attack vecto...
EUVD-2009-3922
Malware in sbrugna...
CVE-2022-4820
A vulnerability classified as problematic has been found in FlatPress. This affects an unknown part of the file admin/panels/entry/admin.entry.list.php of the component Admin Area. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patc...
CVE-2011-4820
IBM Rational Asset Manager 7.5 could allow a remote attacker to bypass security restrictions. An attacker could exploit this vulnerability using the UID parameter to modify another user's preferences...
Linux Distros Unpatched Vulnerability : CVE-2012-4820
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and...
Important: Red Hat Security Advisory: httpd:2.4 security update
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
RHEL 8 : httpd:2.4 (RHSA-2024:4820)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4820 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Substitution...
CVE-2024-4820
A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/SystemSettings.php?f=updatesettings. The manipulation leads to unrestricted upload. The attack can be...
CVE-2024-4820 SourceCodester Online Computer and Laptop Store unrestricted upload
A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/SystemSettings.php?f=updatesettings. The manipulation leads to unrestricted upload. The attack can be...
Rocky Linux 8 : file-roller (RLSA-2020:4820)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4820 advisory. - An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possib...
CVE-2023-4820
creationtimestamp | type | source
---|---|---
2023-10-17 00:32:24+00:00 | seen | https://t.me/cibsecurity/72356
2025-03-06 02:16:33+00:00 | seen | Telegram/fmMwbYT05aaEY25wQ5VStTURHe5pQR65zspbP6aeUlPSHMTA...
WordPress PowerPress Podcasting Plugin < 11.0.12 is vulnerable to Cross Site Scripting (XSS)
Software: PowerPress Podcasting; Type: Plugin; Vulnerable versions: 11.0.12; Fixed in: 11.0.12; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-4820; Patch priority: Low; CVSS severity: Low (6.5); PSID: 083d4289c26f; Credits: emad; Required...
CVE-2023-4820 PowerPress Podcasting < 11.0.12 - Contributor+ Stored XSS
The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.0.12 does not sanitize and escape the media url field in posts, which could allow users with privileges as low as contributor to inject arbitrary web scripts that could target a site admin or superadmin...
CVE-2023-4820
CVE-2023-4820 affects the PowerPress Podcasting plugin for WordPress (Blubrry) prior to version 11.0.12. The issue is that the plugin does not sanitize/escape the media URL field in posts, enabling stored cross-site scripting when a user with as little as contributor privileges posts content. The...
SUSE CVE-2008-4820
Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player 9.0.124.0 and earlier on Windows allows attackers to obtain sensitive information via unknown vectors...
Ubuntu: Security Advisory (USN-4820-1)
The remote host is missing an update for the...
CVE-2022-4820
creationtimestamp | type | source
---|---|---
2022-12-29 00:12:45+00:00 | seen | https://t.me/cibsecurity/55517...