83 matches found
Azure Linux 3.0 Security Update: wireshark (CVE-2024-4855)
The version of wireshark installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4855 advisory. - Use after free issue in editcap could cause denial of service via crafted capture file CVE-2024-4855 Note...
CVE-2014-4855
Cross-site scripting XSS vulnerability in the Polylang plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a user description. NOTE: some of these details are obtained from third party information...
EUVD-2007-1489
Malware in sbrugna...
CVE-2025-4828
The Support Board plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the sbfiledelete function in all versions up to, and including, 3.8.0. This makes it possible for attackers to delete arbitrary files on the server, which can easily lead to...
CVE-2025-4855
The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sbencryption function in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to bypass authorization...
CVE-2024-4855 affecting package wireshark for versions less than 4.4.7-1
CVE-2024-4855 affecting package wireshark for versions less than 4.4.7-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-4855
creationtimestamp| type| source ---|---|--- 2025-07-09 00:19:07+00:00| seen| Telegram/GE8PqVthPckC0NEgVjd6zm4kAIiWdVChOSErnMt9MkPTF8 2025-07-09 00:19:08+00:00| seen| Telegram/Z3LQABqCffnPNGjBuPJkqEnUXsW6j8KddsNaSTtnJH3imA...
CVE-2025-4855
The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sbencryption function in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to bypass authorization...
CVE-2025-4855 Support Board <= 3.8.0 - Unauthenticated Authorization Bypass due to Use of Default Secret Key
The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sbencryption function in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to bypass authorization...
CVE-2025-4855
CVE-2025-4855 concerns the WordPress plugin Support Board. Multiple sources confirm a vulnerability in all versions up to 3.8.0 where hardcoded default secrets in sb_encryption() enable unauthenticated bypass of authorization and the execution of arbitrary AJAX actions via sb_ajax_execute(). This...
CVE-2025-4855 Support Board <= 3.8.0 - Unauthenticated Authorization Bypass due to Use of Default Secret Key
The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sbencryption function in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to bypass authorization...
WordPress Support Board plugin <= 3.8.0 - Unauthenticated Authorization Bypass due to Use of Default Secret Key vulnerability
Unauthenticated Authorization Bypass due to Use of Default Secret Key vulnerability discovered by Foxyyy in WordPress Plugin Support Board versions = 3.8.0...
Linux Distros Unpatched Vulnerability : CVE-2024-4855
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free issue in editcap could cause denial of service via crafted capture file CVE-2024-4855 Note that Nessus relies on the presence of the package as...
CVE-2022-4855
A vulnerability, which was classified as critical, was found in SourceCodester Lead Management System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
openSUSE Security Advisory (SUSE-SU-2024:1865-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2024-673)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-673 advisory. Memory handling issue in editcap could cause denial of service via crafted capture file CVE-2024-4853 MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14,...
openSUSE Security Advisory (SUSE-SU-2024:2265-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: libwireshark15 / libwiretap12 / libwsutil13 / wireshark / etc (SUSE-SU-2024:2265-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2265-1 advisory. Update to version 3.6.22: - CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops...
SUSE-SU-2024:2265-1 Security update for wireshark
This update for wireshark fixes the following issues: Update to version 3.6.22: - CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops bsc1224274 - CVE-2024-4853: The editcap command line utility could crash when chopping bytes from the beginning of a packet bsc1224259 - CVE-2024-4855: Th...
Wireshark Security Update (wnpa-sec-2024-09) - Windows
Wireshark is prone to an use after free vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark";...