Lucene search
K

60 matches found

OSV
OSV
added 2026/05/13 1:1 p.m.6 views

DEBIAN-CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

5.9CVSS5.8AI score0.00329EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/05/13 8:27 a.m.5 views

CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

5.9CVSS5.8AI score0.00329EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.8 views

Photon OS 5.0: Curl PHSA-2026-5.0-0838

An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0838. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS5.7AI score0.00639EPSS
Exploits6References7
OSV
OSV
added 2026/05/01 6:9 a.m.6 views

BELL-CVE-2026-4873

Bulletin has no description...

5.9CVSS5.7AI score0.00329EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/04/30 2:30 a.m.7 views

SUSE CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

3.7CVSS5.8AI score0.00329EPSS
Exploits1References10
Circl
Circl
added 2026/04/29 6:51 a.m.12 views

CVE-2026-4873

creationtimestamp| type| source ---|---|--- 2026-04-29 06:51:40+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mkmj5tu7cu2x 2026-04-29 12:45:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mkn4vufiap2k...

5.9CVSS5.7AI score0.00329EPSS
Exploits1References2
Circl
Circl
added 2025/08/30 10:23 a.m.5 views

RHSA-2024:4873

creationtimestamp| type| source ---|---|--- 2025-08-30 10:23:06+00:00| seen| Telegram/y04OMmpXkIonJuNQPKrf7N0zQs6VD7fXMh7ZvBcfO766kXE...

4.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 5:31 a.m.6 views

CVE-2012-4873

Cross-site scripting XSS vulnerability in the filedownload function in GNUBoard before 4.34.21 allows remote attackers to inject arbitrary web script or HTML via the filename parameter...

4.3CVSS5.9AI score0.01631EPSS
Exploits1References1
Circl
Circl
added 2025/05/18 12:53 p.m.24 views

CVE-2025-4873

creationtimestamp| type| source ---|---|--- 2025-05-18 12:53:15+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lph3y7qq2xp2 2025-05-18 13:08:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lph4vekhlx24...

9.8CVSS7AI score0.00472EPSS
Exploits1References2
NVD
NVD
added 2025/05/18 12:15 p.m.17 views

CVE-2025-4873

A vulnerability has been found in PHPGurukul News Portal 4.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be launched...

9.8CVSS0.00472EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/05/18 11:31 a.m.18 views

CVE-2025-4873 PHPGurukul News Portal Login index.php sql injection

A vulnerability has been found in PHPGurukul News Portal 4.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be launched...

7.5CVSS0.00472EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/05/18 11:31 a.m.7 views

CVE-2025-4873 PHPGurukul News Portal Login index.php sql injection

A vulnerability has been found in PHPGurukul News Portal 4.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be launched...

7.5CVSS7.5AI score0.00472EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/06/19 3:12 a.m.26 views

CVE-2024-4873 Replace Image <= 1.1.10 - Insecure Direct Object Reference

The Replace Image plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.10 via the image replacement functionality due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level...

4.3CVSS0.00346EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/06/18 12:0 a.m.9 views

WordPress Replace Image Plugin <= 1.1.10 is vulnerable to Broken Access Control

Software Replace Image Type Plugin Vulnerable versions = 1.1.10 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-4873 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 262021d9f7c1 Credits Jin Hao Chan Required privilege...

4.3CVSS6.6AI score0.00346EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/09/10 3:0 a.m.81 views

CVE-2023-4873

The CVE-2023-4873 entry concerns Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform (up to 20230906). Affects an unknown function in /importexport.php where manipulating the sql argument triggers an OS command injection. Exploitation can be carried out remotely, and pu...

9.8CVSS8.4AI score0.74897EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/10 3:0 a.m.3 views

CVE-2023-4873 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform importexport.php os command injection

A vulnerability, which was classified as critical, was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230906. Affected is an unknown function of the file /importexport.php. The manipulation of the argument sql leads to os command injection. It is...

6.5CVSS7.1AI score0.74897EPSS
Exploits1References4
Circl
Circl
added 2023/01/18 4:47 p.m.4 views

CVE-2022-4873

creationtimestamp| type| source ---|---|--- 2023-01-18 16:47:18+00:00| published-proof-of-concept| https://t.me/ctinow/87639 2023-01-19 13:10:07+00:00| published-proof-of-concept| https://t.me/truesecator/3959...

9.8CVSS9AI score0.0717EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2023/01/18 10:20 a.m.60 views

Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers

Security vulnerabilities have been disclosed in Netcomm and TP-Link routers, some of which could be weaponized to achieve remote code execution. The flaws, tracked as CVE-2022-4873 and CVE-2022-4874, concern a case of stack-based buffer overflow and authentication bypass and impact Netcomm router...

2.4AI score0.11009EPSS
Exploits2
OSV
OSV
added 2023/01/11 9:15 p.m.5 views

CVE-2022-4873

On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location...

9.8CVSS6AI score0.0717EPSS
Exploits1References2
CVE
CVE
added 2023/01/11 8:39 p.m.200 views

CVE-2022-4873

CVE-2022-4873 is a stack-based buffer overflow in the Netcomm NF20MESH, NF20, and NL1902 sessionKey handling that can overwrite the instruction pointer and crash the app. Related CVE-2022-4874 is an authentication bypass; together these flaws enable remote code execution when exploited in affecte...

9.8CVSS9.8AI score0.0717EPSS
In wildExploits1References2Affected Software1
Rows per page
Query Builder