Lucene search
K

83 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: wireshark (CVE-2024-4855)

The version of wireshark installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4855 advisory. - Use after free issue in editcap could cause denial of service via crafted capture file CVE-2024-4855 Note...

5.5CVSS5.2AI score0.00376EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/09 12:52 p.m.8 views

CVE-2014-4855

Cross-site scripting XSS vulnerability in the Polylang plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a user description. NOTE: some of these details are obtained from third party information...

4.3CVSS5.9AI score0.01578EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-1489

Malware in sbrugna...

4.9CVSS6.4AI score0.00404EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/07/11 12:25 a.m.22 views

CVE-2025-4828

The Support Board plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the sbfiledelete function in all versions up to, and including, 3.8.0. This makes it possible for attackers to delete arbitrary files on the server, which can easily lead to...

9.8CVSS8.1AI score0.00832EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/11 12:25 a.m.6 views

CVE-2025-4855

The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sbencryption function in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to bypass authorization...

9.8CVSS7.8AI score0.00832EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2025/07/10 3:9 p.m.5 views

CVE-2024-4855 affecting package wireshark for versions less than 4.4.7-1

CVE-2024-4855 affecting package wireshark for versions less than 4.4.7-1. An upgraded version of the package is available that resolves this issue...

5.5CVSS7.3AI score0.00376EPSS
Exploits1
Circl
Circl
added 2025/07/09 12:19 a.m.6 views

CVE-2025-4855

creationtimestamp| type| source ---|---|--- 2025-07-09 00:19:07+00:00| seen| Telegram/GE8PqVthPckC0NEgVjd6zm4kAIiWdVChOSErnMt9MkPTF8 2025-07-09 00:19:08+00:00| seen| Telegram/Z3LQABqCffnPNGjBuPJkqEnUXsW6j8KddsNaSTtnJH3imA...

9.8CVSS4.8AI score0.00338EPSS
Exploits0
NVD
NVD
added 2025/07/09 12:15 a.m.7 views

CVE-2025-4855

The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sbencryption function in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to bypass authorization...

9.8CVSS0.00338EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/08 11:22 p.m.2 views

CVE-2025-4855 Support Board <= 3.8.0 - Unauthenticated Authorization Bypass due to Use of Default Secret Key

The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sbencryption function in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to bypass authorization...

9.8CVSS7.7AI score0.00338EPSS
Exploits0References2
CVE
CVE
added 2025/07/08 11:22 p.m.43 views

CVE-2025-4855

CVE-2025-4855 concerns the WordPress plugin Support Board. Multiple sources confirm a vulnerability in all versions up to 3.8.0 where hardcoded default secrets in sb_encryption() enable unauthenticated bypass of authorization and the execution of arbitrary AJAX actions via sb_ajax_execute(). This...

9.8CVSS7.1AI score0.00338EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/07/08 11:22 p.m.8 views

CVE-2025-4855 Support Board <= 3.8.0 - Unauthenticated Authorization Bypass due to Use of Default Secret Key

The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sbencryption function in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to bypass authorization...

9.8CVSS0.00338EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/07/08 8:45 p.m.9 views

WordPress Support Board plugin <= 3.8.0 - Unauthenticated Authorization Bypass due to Use of Default Secret Key vulnerability

Unauthenticated Authorization Bypass due to Use of Default Secret Key vulnerability discovered by Foxyyy in WordPress Plugin Support Board versions = 3.8.0...

9.8CVSS6.6AI score0.00338EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-4855

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free issue in editcap could cause denial of service via crafted capture file CVE-2024-4855 Note that Nessus relies on the presence of the package as...

5.5CVSS5AI score0.00376EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/02/05 8:16 p.m.18 views

CVE-2022-4855

A vulnerability, which was classified as critical, was found in SourceCodester Lead Management System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS7.3AI score0.26463EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/08/20 12:0 a.m.16 views

openSUSE Security Advisory (SUSE-SU-2024:1865-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.5AI score0.00811EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.15 views

Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2024-673)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-673 advisory. Memory handling issue in editcap could cause denial of service via crafted capture file CVE-2024-4853 MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14,...

7.5CVSS6AI score0.00811EPSS
Exploits2References8
OpenVAS
OpenVAS
added 2024/07/10 12:0 a.m.17 views

openSUSE Security Advisory (SUSE-SU-2024:2265-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.5AI score0.00811EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.23 views

SUSE SLED15: libwireshark15 / libwiretap12 / libwsutil13 / wireshark / etc (SUSE-SU-2024:2265-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2265-1 advisory. Update to version 3.6.22: - CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops...

7.5CVSS6.5AI score0.00811EPSS
Exploits2References10
OSV
OSV
added 2024/07/02 8:14 a.m.20 views

SUSE-SU-2024:2265-1 Security update for wireshark

This update for wireshark fixes the following issues: Update to version 3.6.22: - CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops bsc1224274 - CVE-2024-4853: The editcap command line utility could crash when chopping bytes from the beginning of a packet bsc1224259 - CVE-2024-4855: Th...

7.5CVSS5.4AI score0.00811EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2024/06/26 12:0 a.m.15 views

Wireshark Security Update (wnpa-sec-2024-09) - Windows

Wireshark is prone to an use after free vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark";...

5.5CVSS4AI score0.00376EPSS
Exploits1References1
Rows per page
Query Builder