CVE-2026-4901 Insertion of Sesitive Information into Log File in Hydrosystem Control System

Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with vulnerability CVE-2026-34184, these sensitive information could be accessed by an unauthorized...

CVE-2026-4901

creationtimestamp| type| source ---|---|--- 2026-04-09 03:55:00+00:00| seen| https://cert.pl/en/posts/2026/04/CVE-2026-4901/ 2026-04-09 11:16:38+00:00| seen| Telegram/nE1gVyn8jRxbZ-OhSUewb4fvVZDT-qjlGTvhk8YiMctdMk 2026-04-09 12:27:44+00:00| seen|...

EUVD-2007-5105

Malware in sbrugna...

CVE-2022-4901

Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim...

CVE-2025-4901

A vulnerability classified as problematic was found in D-Link DI-7003GV2 24.04.18D1 R68125. Affected by this vulnerability is the function sub41E304 of the file /H5/stateview.data of the component HTTP Endpoint. The manipulation leads to information disclosure. The attack can only be done within...

CVE-2025-4901

A vulnerability classified as problematic was found in D-Link DI-7003GV2 24.04.18D1 R68125. Affected by this vulnerability is the function sub41E304 of the file /H5/stateview.data of the component HTTP Endpoint. The manipulation leads to information disclosure. The attack can only be done within...

CVE-2025-4901

creationtimestamp| type| source ---|---|--- 2025-05-18 23:37:40+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16782 2025-05-19 01:13:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpifexsqvb2l...

CVE-2025-4901

CVE-2025-4901 affects D-Link DI-7003GV2 (HTTP Endpoint component). The vulnerable element is the function sub_41E304 in the file /H5/state_view.data, whose manipulation leads to information disclosure. Exploitation is described as possible only within the local network. Multiple connected sources...

Linux Distros Unpatched Vulnerability : CVE-2009-4901

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The MSGFunctionDemarshall function in winscardsvc.c in the PC/SC Smart Card daemon aka PCSCD in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a...

Fedora: Security Advisory (FEDORA-2023-c890266d3f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-4901

creationtimestamp| type| source ---|---|--- 2024-06-28 13:05:27+00:00| seen| https://t.me/truesecator/5912...

GitLab 16.9 < 16.11.5 / 17.0 < 17.0.3 / 17.1 < 17.1.1 (CVE-2024-4901)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, where a stored XSS...

CVE-2024-4901 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, where a stored XSS vulnerability could be imported from a project with malicious commit notes...

CVE-2024-4901 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, where a stored XSS vulnerability could be imported from a project with malicious commit notes...

openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0249-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for avahi (SUSE-SU-2023:4901-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Malicious code in wlwz-2312-4901 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1505cd23fcbe24776062836432518d1950b5824cb9ab6d61f006cfc05acd4e21 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wlwz-2311-4901 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9ae3d92ff4893c8e9d8ed1e315dddfd361e89bf8a09683823ce712bb09fe229 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-173 Malicious code in wlwz-2311-4901 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9ae3d92ff4893c8e9d8ed1e315dddfd361e89bf8a09683823ce712bb09fe229 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Fedora: Security Advisory for chromium (FEDORA-2023-b427f54e68)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...