Lucene search
K

115 matches found

NVD
NVD
added 2026/03/26 5:16 a.m.11 views

CVE-2026-4840

A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation ...

9CVSS0.08263EPSS
Exploits0References4
Circl
Circl
added 2026/03/26 4:16 a.m.5 views

CVE-2026-4840

creationtimestamp| type| source ---|---|--- 2026-03-26 04:16:40+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-4840 2026-03-26 05:18:11+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhwu3eol3e2t 2026-03-26 06:00:32+00:00| seen|...

9CVSS7.3AI score0.08263EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 7 : java-1.7.0-openjdk-1.7.0.91-2.6.2.1.0.1.el7.AXS7 (AXSA:2015-517:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-517:02 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2015-4734 RESERVED This candidate has been reserved by an organization ...

10CVSS6.5AI score0.09991EPSS
Exploits0References18
EUVD
EUVD
added 2025/12/02 3:31 a.m.6 views

EUVD-2025-200173

In Modem, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...

5.3CVSS6.3AI score0.00428EPSS
Exploits0References2
CVE
CVE
added 2025/12/02 2:34 a.m.12 views

CVE-2025-20754

CVE-2025-20754 affects MediaTek’s Modem component. The issue is an incorrect bounds check that can cause a system crash, leading to remote denial of service when a UE connects to a rogue base station. Exploitation requires no user interaction and is possible remotely via a network path. The vulne...

5.3CVSS6.5AI score0.00428EPSS
Exploits0References1Affected Software4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-4790

Malware in sbrugna...

5CVSS6.4AI score0.01917EPSS
Exploits0References5
Circl
Circl
added 2025/08/30 4:23 p.m.7 views

CVE-2024-4840

creationtimestamp| type| source ---|---|--- 2025-08-30 16:23:03+00:00| seen| Telegram/jrxm13MAseS9LEtnbTJYLyGZcr6E-x4kCO5HNbDjL0VjBBk...

5.5CVSS5.5AI score0.00196EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/12 6:20 a.m.4 views

CVE-2025-4840

The inprosysmedia-likes-dislikes-post WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

7.5CVSS7.7AI score0.00476EPSS
Exploits1References1
Circl
Circl
added 2025/06/10 6:30 a.m.18 views

CVE-2025-4840

creationtimestamp| type| source ---|---|--- 2025-06-10 06:30:14+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17834 2025-06-10 09:59:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lramzvpfgj2p 2025-09-29 21:02:22+00:00| seen|...

7.5CVSS4.8AI score0.00476EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2015-4840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors...

5CVSS6.7AI score0.03955EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 8:17 p.m.10 views

CVE-2022-4840

Cross-site Scripting XSS - Stored in GitHub repository usememos/memos prior to 0.9.1...

7.6CVSS5.8AI score0.00652EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/11/25 12:0 a.m.11 views

RHEL 9 : RHOSP 17.1.4 (openstack-tripleo-heat-templates) (RHSA-2024:9978)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9978 advisory. Heat templates for TripleO Security Fixes: cleartext passwords exposed in logs CVE-2024-4840 For more details about the security issues, including th...

5.5CVSS5.8AI score0.00196EPSS
Exploits0References43
RedHat Linux
RedHat Linux
added 2024/11/21 9:31 a.m.32 views

Moderate: Red Hat Security Advisory: RHOSP 17.1.4 (openstack-tripleo-heat-templates) security update

An update for openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform RHOSP 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

5.5CVSS6.1AI score0.00196EPSS
Exploits0References40
RedhatCVE
RedhatCVE
added 2024/05/13 5:24 p.m.33 views

CVE-2024-4840

An flaw was found in the OpenStack Platform RHOSP director, a toolset for installing and managing a complete RHOSP environment. Plaintext passwords may be stored in log files, which can expose sensitive information to anyone with access to the logs...

5.5CVSS6.5AI score0.00196EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.18 views

Ubuntu 18.04 ESM : Singularity vulnerabilities (USN-4840-1)

The remote Ubuntu 18.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4840-1 advisory. It was discovered that Singularity incorrectly handled certain inputs. An attacker could possibly use this issue to obtain sensitive information...

7.8CVSS7AI score0.01596EPSS
Exploits0References3
OSV
OSV
added 2023/09/12 2:15 a.m.3 views

CVE-2023-4840

The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'mappress' shortcode in versions up to, and including, 2.88.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

5.4CVSS7AI score0.00467EPSS
Exploits0References3
CVE
CVE
added 2023/09/12 1:52 a.m.100 views

CVE-2023-4840

MapPress Maps for WordPress (a WordPress plugin) has a stored XSS in the mappress shortcode for versions up to 2.88.4 caused by insufficient input sanitization and output escaping of user-supplied attributes. Exploitation requires an authenticated attacker with contributor-level permissions or hi...

6.4CVSS5.3AI score0.00467EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/09/11 12:0 a.m.19 views

WordPress MapPress Maps for WordPress Plugin <= 2.88.4 is vulnerable to Cross Site Scripting (XSS)

Software MapPress Maps for WordPress Type Plugin Vulnerable versions = 2.88.4 Fixed in 2.88.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4840 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4fb9c1035c4b Credits Lana Codes...

6.4CVSS6.1AI score0.00467EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/29 12:0 a.m.6 views

CVE-2022-4840 Cross-site Scripting (XSS) - Stored in usememos/memos

Cross-site Scripting XSS - Stored in GitHub repository usememos/memos prior to 0.9.1...

7.6CVSS5.9AI score0.00652EPSS
Exploits1References2
CVE
CVE
added 2022/12/29 12:0 a.m.66 views

CVE-2022-4840

CVE-2022-4840 : A stored Cross-site Scripting (XSS) vulnerability exists in the GitHub project usememos/memos for versions prior to 0.9.1. The issue is triggered when untrusted user input is included in outputs without proper validation, enabling script injection. The Red Hat/OSV/PT-Security/GHSA...

7.6CVSS5.4AI score0.00652EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder