56 matches found
CVE-2026-4920
The Next Date plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'default' shortcode attribute in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...
CVE-2009-4920
Unspecified vulnerability in CTM on Cisco Adaptive Security Appliances ASA 5580 series devices with software 8.12 allows remote attackers to cause a denial of service (watchdog traceback) via a large amount of small-packet data, aka Bug ID CSCsu11412...
Debian: Security Advisory (DSA-5922-1)
The remote host is missing an update for the Debian...
CVE-2025-4920
creationtimestamp | type | source
---|---|---
2025-05-17 22:19:23+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpfl63p7whv2
2025-05-18 01:13:04+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lpfuvqpu3f2t
2025-05-18...
CVE-2025-4920
Rejected reason: Duplicate of CVE-2025-4918...
CVE-2025-4920
...
CVE-2025-4920
CVE-2025-4920 is rejected per the initial description; this entry is not an active vulnerability.
CVE-2024-4920
creationtimestamp | type | source
---|---|---
2025-02-14 09:46:58+00:00 | seen | Telegram/rQvuCMJzjrGAvQ4RtUlg9uc28knyZjBdNtj77WSZglLUKhjP...
CVE-2024-4920 SourceCodester Online Discussion Forum Site registerH.php unrestricted upload
A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file registerH.php. The manipulation of the argument ima leads to unrestricted upload. The attack may be initiated remotely. The exploit h...
CVE-2024-4920
SourceCodester Online Discussion Forum Site 1.0 is affected by a vulnerability in the registerH.php file. The issue stems from manipulation of the ima parameter, which leads to an unrestricted file upload. Impact is described as potentially remote and publicly disclosed. The vulnerability is docu...
CVE-2023-4920
creationtimestamp | type | source
---|---|---
2023-10-20 12:35:10+00:00 | seen | https://t.me/cibsecurity/72653...
CVE-2023-4920
CVE-2023-4920 relates to the BEAR – Bulk Editor and Products Manager Professional for WooCommerce WordPress plugin. A CSRF flaw exists in versions up to and including 1.1.3.3 due to missing/incorrect nonce validation in woobe_save_options, enabling unauthenticated attackers to modify plugin setti...
CVE-2023-4920 BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3. This is due to missing or incorrect nonce validation on the woobe_save_options function. This makes it possible for unauthenticated attackers to modify the plugin's settings via a forged...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : ZeroMQ vulnerabilities (USN-4920-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4920-1 advisory. It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause...
CVE-2022-4920
creationtimestamp | type | source
---|---|---
2023-07-29 07:29:57+00:00 | seen | https://t.me/cibsecurity/67401...
DEBIAN-CVE-2022-4920
Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2022-4920
CVE-2022-4920 is a heap-based buffer overflow in Blink affecting Google Chrome up to version 101.0.4951.41. A remote attacker could lure a user into specific UI gestures via a crafted HTML page to potentially escape the Chrome sandbox. The vulnerability is confirmed across multiple connected advi...
CVE-2022-4920
Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2014-4920
The CVE-2014-4920 entry is confirmed to have concrete details in connected documents: the twitter-bootstrap-rails Gem for Rails contains a reflected XSS flaw in the bootstrap_flash helper, caused by inadequate input validation when handling flash messages before rendering to users. This can allow...