Lucene search

161 matches found

RedhatCVE
added 2025/05/21 9:10 p.m. | 4 views

CVE-2008-4997

dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/zenity temporary file. NOTE: the vendor disputes this vulnerability, stating that the vector is solely "an EXAMPLE used in the manpage...

CVSS 6.9 | AI score 6.7 | EPSS 0.00089
Exploits: 1 | References: 1

Circl
added 2025/05/20 8:44 p.m. | 12 views

CVE-2025-4997

creationtimestamp | type | source
---|---|---
2025-05-20 20:44:19+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpmxarpkpxh2
2025-05-20 23:13:32+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lpn7mq5qpp2w...

CVSS 7.1 | AI score 7 | EPSS 0.00244
Exploits: 0 | References: 2

Vulnrichment
added 2025/05/20 7:31 p.m. | 9 views

CVE-2025-4997 H3C R2+ProG HTTP POST Request aspForm SetAPInfoById denial of service

A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Affected is the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/Edit_BasicSSID/Edit_GuestSSIDFor2P4G/Edit_BasicSSID_5G/SetAPInfoById of the file /goform/aspForm of the componen...

CVSS 7.1 | AI score 7 | EPSS 0.00244
Exploits: 0 | References: 4

CVE
added 2025/05/20 7:31 p.m. | 26 views

CVE-2025-4997

CVE-2025-4997 affects H3C R2+ProG up to version 200R004. The HTTP POST Request Handler’s /goform/aspForm, specifically UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditMacList/Edit_BasicSSID/Edit_GuestSSIDFor2P4G/Edit_BasicSSID_5G/SetAPInfoById, handles the param argument insecurely, lea...

CVSS 7.1 | AI score 6.5 | EPSS 0.00244
Exploits: 0 | References: 4

Cvelist
added 2025/05/20 7:31 p.m. | 14 views

CVE-2025-4997 H3C R2+ProG HTTP POST Request aspForm SetAPInfoById denial of service

A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Affected is the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/Edit_BasicSSID/Edit_GuestSSIDFor2P4G/Edit_BasicSSID_5G/SetAPInfoById of the file /goform/aspForm of the componen...

CVSS 7.1 | EPSS 0.00244
Exploits: 0 | References: 4

Tenable Nessus
added 2025/03/03 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2009-4997

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gnome-power-manager 2.27.92 does not properly implement the lock_on_suspend and lock_on_hibernate settings for locking the screen when the suspend or hibernate butt...

CVSS 7.2 | AI score 5.9 | EPSS 0.00145
Exploits: 0 | References: 2

NVD
added 2024/06/04 6:15 a.m. | 10 views

CVE-2024-4997

The WPUpper Share Buttons plugin for WordPress is vulnerable to unauthorized access of data when preparing sharing links for posts and pages in all versions up to, and including, 3.43. This makes it possible for unauthenticated attackers to obtain the contents of password protected posts and page...

CVSS 5.3 | AI score 5.2 | EPSS 0.00728
Exploits: 0 | References: 3

Vulnrichment
added 2024/06/04 5:32 a.m. | 11 views

CVE-2024-4997 WPUpper Share Buttons <= 3.43 - Missing Authorization

The WPUpper Share Buttons plugin for WordPress is vulnerable to unauthorized access of data when preparing sharing links for posts and pages in all versions up to, and including, 3.43. This makes it possible for unauthenticated attackers to obtain the contents of password protected posts and page...

CVSS 5.3 | AI score 6.9 | EPSS 0.00728
Exploits: 0 | References: 3

CVE
added 2024/06/04 5:32 a.m. | 13 views

CVE-2024-4997

CVE-2024-4997 concerns WPUpper Share Buttons for WordPress, claiming unauthorized access to password‑protected post/page contents up to version 3.43. The provided connected documents do not supply technical details, affected versions beyond 3.43, root cause, exploit info, or fixes.

CVSS 5.3 | AI score 5.6 | EPSS 0.00728
Exploits: 0 | References: 3

Patchstack
added 2024/06/04 12:0 a.m. | 7 views

WordPress WPUpper Share Buttons Plugin <= 3.43 is vulnerable to Broken Access Control

Software: WPUpper Share Buttons
Type: Plugin
Vulnerable versions: = 3.43
Fixed in: N/A
OWASP Top 10: A5: Broken Access Control
Classification: Broken Access Control
CVE: CVE-2024-4997
Patch priority: Low
CVSS severity: Low 5.3
Developer: Claim ownership
PSID: 7221465742e4
Credits: Krzysztof Zając
Required...

CVSS 5.3 | AI score 6.6 | EPSS 0.00728
Exploits: 0 | References: 3 | Affected Software: 1

Circl
added 2023/10/04 2:11 p.m. | 1 views

CVE-2023-4997

creationtimestamp | type | source
---|---|---
2023-10-04 14:11:59+00:00 | seen | https://t.me/cibsecurity/71561...

CVSS 8.8 | AI score 8.1 | EPSS 0.00071
Exploits: 0 | References: 1

NVD
added 2023/10/04 11:15 a.m. | 8 views

CVE-2023-4997

Improper authorisation of regular users in ProIntegra Uptime DC software versions below 2.0.0.33940 allows them to change passwords of all other users including administrators leading to a privilege escalation...

CVSS 8.8 | AI score 8.7 | EPSS 0.00071
Exploits: 0 | References: 2

Cvelist
added 2023/10/04 10:54 a.m. | 13 views

CVE-2023-4997 Improper authorisation in Uptime DC

Improper authorisation of regular users in ProIntegra Uptime DC software versions below 2.0.0.33940 allows them to change passwords of all other users including administrators leading to a privilege escalation...

CVSS 8.8 | AI score 8.9 | EPSS 0.00071
Exploits: 0 | References: 2

CVE
added 2023/10/04 10:54 a.m. | 40 views

CVE-2023-4997

CVE-2023-4997 affects ProIntegra Uptime DC software prior to version 2.0.0.33940. The issue is improper authorization that allows regular users to change passwords of all accounts, including administrators, enabling privilege escalation. The CVE is documented with CVSS v3.1 signals: AV:N/AC:L/PR:...

CVSS 8.8 | AI score 8.8 | EPSS 0.00071
Exploits: 0 | References: 2 | Affected Software: 1

SUSE CVE
added 2023/02/15 6:10 a.m. | 2 views

SUSE CVE-2007-4997

Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service crash via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set, aka an "off-by-two...

CVSS 7.1 | AI score 6.4 | EPSS 0.05391
Exploits: 1 | References: 6

SUSE CVE
added 2023/02/15 6:1 a.m. | 3 views

SUSE CVE-2009-4997

gnome-power-manager 2.27.92 does not properly implement the lock_on_suspend and lock_on_hibernate settings for locking the screen when the suspend or hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action, a relate...

CVSS 7.2 | AI score 7 | EPSS 0.00145
Exploits: 0 | References: 3

OpenVAS
added 2022/08/26 12:0 a.m. | 24 views

Ubuntu: Security Advisory (USN-3338-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 8.2 | EPSS 0.05493
Exploits: 13 | References: 2

OpenVAS
added 2022/01/28 12:0 a.m. | 28 views

Ubuntu: Security Advisory (USN-4997-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 7.2 | EPSS 0.02254
Exploits: 9 | References: 2

OpenVAS
added 2022/01/28 12:0 a.m. | 16 views

Mageia: Security Advisory (MGASA-2016-0271)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 7.4 | EPSS 0.51991
Exploits: 16 | References: 6

OpenVAS
added 2022/01/28 12:0 a.m. | 34 views

Ubuntu: Security Advisory (USN-4997-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 7.2 | EPSS 0.02254
Exploits: 9 | References: 2