176 matches found
MINI-HV73-4872-4MMQ
Bulletin has no description...
MINI-GRG7-4872-XH7W
Bulletin has no description...
CGA-M8F3-4872-5R44
Bulletin has no description...
CVE-2025-4872
creationtimestamp| type| source
---|---|---
2025-05-18 11:29:17+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpgxdo6pnyp2
2025-05-18 13:08:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lph4vedjrj2w
2025-05-19...
CVE-2025-4872
The CVE-2025-4872 entry concerns FreeFloat FTP Server 1.0, specifically the CCC Command Handler component. A vulnerability in an unknown function leads to a buffer overflow, which can be exploited remotely. Public exploit information exists. Several connected sources confirm this vulnerability an...
CVE-2024-4872
A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker to inject code towards persistent data. Note that to successfully exploit this vulnerability an attacker must have a valid credential...
CVE-2024-4872
creationtimestamp| type| source
---|---|---
2024-08-27 15:43:22+00:00| seen| https://t.me/cvedetector/4245
2024-11-26 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-331-04
2025-04-03 13:00:37+00:00| seen|...
Ubuntu 18.04 ESM / 20.04 ESM : Axel vulnerability (USN-4872-1)
The remote Ubuntu 18.04 ESM / 20.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-4872-1 advisory. It was discovered that Axel did not properly verify the certificates for hostnames. An attacker could use this vulnerability to impersonate another...
CVE-2023-4872
A vulnerability, which was classified as critical, has been found in SourceCodester Contact Manager App 1.0. This issue affects some unknown processing of the file add.php. The manipulation of the argument contact/contactName leads to sql injection. The attack may be initiated remotely. The explo...
CVE-2023-4872
CVE-2023-4872 affects SourceCodester Contact Manager App 1.0. The vulnerability is a SQL injection in the add.php handling of the contactName argument, enabling remote exploitation. Multiple sources confirm a critical severity with exploitation disclosed publicly (VDB-239357). No patch/version re...
CVE-2023-4872 SourceCodester Contact Manager App add.php sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Contact Manager App 1.0. This issue affects some unknown processing of the file add.php. The manipulation of the argument contact/contactName leads to sql injection. The attack may be initiated remotely. The explo...
Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affected IBM Workflow for Bluemix October 2015
Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, that is used by IBM Workflow for Bluemix. These issues were disclosed as part of the IBM® SDK, Java™ Technology Edition updates in October 2015. Vulnerability Details: CVEID: CVE-2015-4872 DESCRIPTION: An...
K93203055: Java vulnerability CVE-2015-4872
Security Advisory Description: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security. CVE-2015-4872 Impact: A remote attacker may affect the integrity of the...
Security Bulletin: A vulnerability in IBM SDK Java Technology Edition that is used by the IBM FlashSystem 840 and IBM FlashSystem 900 (CVE-2015-4872)
Summary: There is a vulnerability in IBM® SDK Java™ Technology Edition that is used by the IBM® FlashSystem™ 840 and IBM FlashSystem 900. This issue was disclosed as part of the IBM Java SDK updates for October 2015. An exploit of this vulnerability could cause a partial integrity impact...
CVE-2022-4872 WooCommerce Chained Products < 2.12.0 - Unauthenticated Arbitrary Options Update to 'no'
The Chained Products WordPress plugin before 2.12.0 does not have authorisation and CSRF checks, and does not ensure that the option to be updated belongs to the plugin, allowing unauthenticated attackers to set arbitrary options to 'no'...
CVE-2022-4872
CVE-2022-4872 affects the WooCommerce Chained Products plugin for WordPress, specifically versions before 2.12.0. The root cause is missing authorization and CSRF checks, plus failure to ensure the updated option belongs to the plugin, enabling an unauthenticated attacker to update arbitrary opti...
WordPress WooCommerce Chained Products Plugin < 2.12.0 is vulnerable to Broken Access Control
Software: WooCommerce Chained Products; Type: Plugin; Vulnerable versions: 2.12.0; Fixed in: 2.12.0; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2022-4872; Patch priority: Medium; CVSS severity: Medium 4.3; Developer: Claim ownership; PSID: b129a8471653; Credits: WPScan...
Security Bulletin: Multiple vulnerabilities have been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2015-4872, CVE-2015-4734, CVE-2015-5006)
Summary: IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Aviation, Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation,...