CVE-2026-4890 vulnerabilities

Vulnerabilities for packages: dnsmasq...

dnsmasq-2.92rel2-1.1 on GA media (moderate)

dnsmasq-2.92rel2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10821-1 Rating: moderate Cross-References: CVE-2026-2291 CVE-2026-4890 CVE-2026-4891 CVE-2026-4892 CVE-2026-4893 CVE-2026-5172 CVSS scores: CVE-2026-2291 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-2291 SUSE :...

RHEL 9 : dnsmasq (RHSA-2026:19373)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19373 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...

Fedora 43 : dnsmasq (2026-6384a3cf14)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6384a3cf14 advisory. Update to 2.92rel2 2.92 point release incorporating fixes for: - CVE-2026-2291 - CVE-2026-4890 - CVE-2026-4891 - CVE-2026-4892 - CVE-2026-4893 -...

RHEL 10 : dnsmasq (RHSA-2026:19158)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19158 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...

CVE-2026-4890

...

Fedora 44 : dnsmasq (2026-ac5cceec13)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ac5cceec13 advisory. Update to 2.92rel2 2.92 point release incorporating fixes for: - CVE-2026-2291 - CVE-2026-4890 - CVE-2026-4891 - CVE-2026-4892 - CVE-2026-4893 -...

OPENSUSE-SU-2026:20748-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues Security issues: - CVE-2026-2291: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251. - CVE-2026-4890: DoS vulnerability in the DNSSEC validation bsc1265001. - CVE-2026-4891: heap-based out-of-bounds re...

CVE-2026-4890

creationtimestamp| type| source ---|---|--- 2026-05-11 18:40:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mllwemsz4v2c 2026-05-12 09:24:29+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlnhr2mtcj2s 2026-05-13 12:31:36+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2026-4890

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

CVE-2024-4890

creationtimestamp| type| source ---|---|--- 2025-11-12 15:00:09+00:00| published-proof-of-concept| Telegram/TnTlInxxzNpt0OgbsDLOj6rIodSNCMGeXkGWTk3FIFq8dbI...

CVE-2013-4890

The DMCRUIS/0.1 web server on the Samsung PS50C7700 TV allows remote attackers to cause a denial of service daemon crash via a long URI to TCP port 5600...

CVE-2025-4890

creationtimestamp| type| source ---|---|--- 2025-05-18 19:04:14+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16769 2025-05-18 19:24:26+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lphrv5p7gvy2 2025-05-18...

CVE-2025-4890

A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser of the component Login User. The manipulation of the argument username/password leads to stack-based buffer overflow. Attacking locally is a requirement...

CVE-2025-4890 code-projects Tourism Management System Login User LoginUser stack-based overflow

A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser of the component Login User. The manipulation of the argument username/password leads to stack-based buffer overflow. Attacking locally is a requirement...

CVE-2025-4890 code-projects Tourism Management System Login User LoginUser stack-based overflow

A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser of the component Login User. The manipulation of the argument username/password leads to stack-based buffer overflow. Attacking locally is a requirement...

Linux Distros Unpatched Vulnerability : CVE-2005-4890

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via su - user -c program. The user session can be escaped to the parent...

aiconsole (>=0.2.0 <=0.2.13), aiflows (>=0.1.5 <=1.1.1) +43 more potentially affected by CVE-2024-4890 via litellm (>=0.11.1 <=1.26.13)

litellm PYPI version =0.11.1, =0.2.0, =0.1.5, =0.1.0, =0.0.1, =0.0.0, =0.114.0, =0.0.1, =0.6.3, =0.6.0, =0.2.0, =0.2.4, =0.1.11, =0.1.18 - emplode =0.1.0 and more Source cves: CVE-2024-4890 Source advisory: OSV:GHSA-8J42-PCFM-3467...

CVE-2024-4890 Blind SQL Injection in berriai/litellm

A blind SQL injection vulnerability exists in the berriai/litellm application, specifically within the '/team/update' process. The vulnerability arises due to the improper handling of the 'userid' parameter in the raw SQL query used for deleting users. An attacker can exploit this vulnerability b...

CVE-2023-4890

CVE-2023-4890 affects the JQuery Accordion Menu Widget for WordPress (WordPress plugin) up to version 3.1.2, enabling Stored XSS via the dcwp-jquery-accordion shortcode. The vulnerability arises from insufficient input sanitization and output escaping of user-supplied attributes. Exploitation req...