59 matches found
CVE-2026-1686
A security flaw has been discovered in Totolink A3600R 5.9c.4959. This issue affects the function setAppEasyWizardConfig in the library /lib/cste_modules/app.so. Manipulating the argument apcliSsid results in a buffer overflow. It is possible to initiate the attack remotely. The...
PT-2026-5401
Name of the Vulnerable Software and Affected Versions: Totolink A3600R version 5.9c.4959. Description: A security flaw exists in Totolink A3600R version 5.9c.4959. The issue resides within the setAppEasyWizardConfig function located in the /lib/cste_modules/app.so library. Manipulation of the...
CVE-2009-4959
SQL injection vulnerability in the T3M E-Mail Marketing Tool t3m extension 0.2.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
EUVD-2011-4959
Malware in sbrugna...
CVE-2023-4959
creationtimestamp | type | source
---|---|---
2025-09-25 08:53:10+00:00 | seen | Telegram/7trH2f5ZzohQVlDVWZqfSM7o36wc1OFoQTq1UUf-WcBwJo...
CVE-2011-4959
SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CentOS 7 : java-1.8.0-ibm (RHSA-2022:4959)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4959 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Utility. Supported versions that are affected ar...
Adobe Reader < 2015.006.30418 / 2017.011.30080 / 2018.011.20040 Multiple Vulnerabilities (APSB18-09) (macOS)
The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30418, 2017.011.30080, or 2018.011.20040. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and...
CVE-2024-4959 Frontend Checklist <= 2.3.2 - Admin+ Stored XSS via Items
The Frontend Checklist WordPress plugin through 2.3.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2022-4959
CVE-2022-4959 affects qkmc-rk redbbs 1.0, arising from the Nickname Handler component. The issue allows cross-site scripting and can be exploited remotely; the exploit has been disclosed publicly. Connected sources consistently describe the vulnerability, with no official patch version specified ...
CVE-2022-4959 qkmc-rk redbbs Nickname cross site scripting
A vulnerability classified as problematic was found in qkmc-rk redbbs 1.0. Affected by this vulnerability is an unknown functionality of the component Nickname Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the publi...
CVE-2023-4959
A flaw was found in Quay. Cross-site request forgery (CSRF) attacks force a user to perform unwanted actions in an application. During the pentest, it was detected that the config-editor page is vulnerable to CSRF. The config-editor page is used to configure the Quay instance. By coercing the...
CVE-2023-4959
CVE-2023-4959 affects Red Hat Quay where the config-editor page is vulnerable to cross-site request forgery (CSRF). Exploitation could coerce a victim’s browser to perform attacker-controlled actions on a Quay instance, including reconfiguring settings and adding admin users. Public sources consi...
RHEL 8 : firefox (RHSA-2023:4959)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4959 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
RHEL 7 : java-1.8.0-ibm (RHSA-2022:4959)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4959 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...
Debian: Security Advisory (DSA-4959-1)
The remote host is missing an update for the Debian...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : GStreamer Base Plugins vulnerability (USN-4959-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4959-1 advisory. It was discovered that GStreamer Base Plugins incorrectly handled certain inputs. An attacker could possibly use this issue to expose...
CVE-2019-4959
...
CVE-2008-4959
geo-code in gpsdrive-scripts 2.10pre4 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/geo.google, (2) /tmp/geo.yahoo, (3) /tmp/geo.coords, and (4) /tmp/geo.coords temporary files...