letta-nory (=0.1.0) potentially affected by CVE-2025-6101 +1 more via letta (=0.16.7)

letta PYPI version =0.16.7 is affected by a known vulnerability. The following packages have a transitive dependency on letta and may be impacted: - letta-nory =0.1.0 Source cves: CVE-2025-6101, CVE-2026-4965 Source advisory: SNYK:PYTHON-LETTA-15874391...

CVE-2026-4965

creationtimestamp| type| source ---|---|--- 2026-03-27 19:19:24+00:00| seen| Telegram/oT6t4NRMpgoX3zBs2D6gNNWCx9cAFlVoBXSXqbTX6Ejwqdk...

PT-2026-4965

code-projects Computer Book Store 1.0 is vulnerable to File Upload in admin add.php...

CVE-2009-4965

SQL injection vulnerability in the AIRware Lexicon airlexicon extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

EUVD-2008-1680

Malware in sbrugna...

WordPress WPBakery Page Builder plugin <= 8.4.1 - Authenticated (Author+) Stored Cross-Site Scripting via Grid Builder vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Grid Builder vulnerability discovered by zer0gh0st in WordPress Plugin WPBakery Page Builder versions = 8.4.1...

CVE-2025-4965

creationtimestamp| type| source ---|---|--- 2025-06-19 07:41:39+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18841 2025-06-19 09:38:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrxa2s24y32r 2025-06-19 11:39:09+00:00| seen|...

CVE-2025-4965

The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid Builder feature in all versions up to, and including, 8.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

CVE-2025-4965 WPBakery Page Builder <= 8.4.1 - Authenticated (Author+) Stored Cross-Site Scripting via Grid Builder

The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid Builder feature in all versions up to, and including, 8.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

CVE-2025-4965

CVE-2025-4965 (WPBakery Page Builder for WordPress) is a stored XSS vulnerability in the Grid Builder of WPBakery Page Builder, affecting all versions up to 8.4.1. The root cause is insufficient input sanitization and output escaping on user-supplied attributes, enabling an authenticated attacker...

CVE-2013-4965

Puppet Enterprise before 3.1.0 does not properly restrict the number of authentication attempts by a console account, which makes it easier for remote attackers to bypass intended access restrictions via a brute-force attack...

CVE-2010-4965

/etc/rc.d/rc.local on the D-Link DCS-2121 camera with firmware 1.04 configures a hardcoded password of admin for the root account, which makes it easier for remote attackers to obtain shell access by leveraging a running telnetd server...

Advisory ROSA-SA-2025-2651

software: libde265 1.0.14 OS: ROSA-CHROME packageevrstring: libde265-1.0.14 CVE-ID: CVE-2023-4965 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in phpipam allows a remote attacker to perform an open redirect via the Header Handler component. CVE-STATUS: The vulnerability has been resolved...

Adobe Reader < 2015.006.30418 / 2017.011.30080 / 2018.011.20040 Multiple Vulnerabilities (APSB18-09) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30418, 2017.011.30080, or 2018.011.20040. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and...

RHEL 6 : rabbitmq (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - rabbitmq: MQTT connection authentication succeeds with empty password CVE-2016-9877 - An issue was...

CVE-2022-4965

The Invitation Code Content Restriction Plugin from CreativeMinds plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘targetid’ parameter in all versions up to, and including, 1.5.4 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2022-4965

The CVE-2022-4965 entry concerns the Invitation Code Content Restriction Plugin for WordPress by CreativeMinds. It describes a reflected Cross-Site Scripting (XSS) vulnerability via the target_id parameter present in all versions up to and including 1.5.4, caused by insufficient input sanitizatio...

WordPress Invitation Code Content Restriction Plugin from CreativeMinds Plugin <= 1.5.4 is vulnerable to Cross Site Scripting (XSS)

Software Invitation Code Content Restriction Plugin from CreativeMinds Type Plugin Vulnerable versions = 1.5.4 Fixed in 1.5.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4965 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownershi...

openSUSE: Security Advisory for ppp (SUSE-SU-2023:4965-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-4965

CVE-2023-4965 affects phpipam 1.5.1 via the Header Handler; manipulating the X-Forwarded-Host header leads to an open redirect, exploitable remotely and publicly disclosed (VDB-239732). Documented impact signals low to no confidentiality/integrity/availability effects, with no explicit patch/vers...