19 matches found
EUVD-2026-36960
Unauthenticated SQL Injection in SpeakOut! Email Petitions = 4.6.5 versions...
PT-2026-49398
Unauthenticated SQL Injection in SpeakOut! Email Petitions = 4.6.5 versions...
DEBIAN-CVE-2026-9759
ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15 allows denial of service...
Wireshark 4.6.x < 4.6.5 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 4.6.5. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.6.5 advisory. - RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of...
CVE-2025-54242
Premiere Pro versions 25.3, 24.6.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file, and scope is unchanged...
Hono 跨站请求伪造漏洞
Hono is a web framework written in TypeScript from the Hono community. A cross-site request forgery vulnerability exists in Hono prior to version 4.6.5, which stems from a lack of cross-site request forgery checks...
CVE-2023-3218
Race Condition within a Thread in GitHub repository it-novum/openitcockpit prior to 4.6.5...
PT-2023-24577 · Unknown · Ciprian Popescu Youtube Playlist Player
Name of the Vulnerable Software and Affected Versions: Ciprian Popescu YouTube Playlist Player plugin versions prior to 4.6.5 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended...
SUSE CVE-2023-26437
Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3...
SUSE CVE-2012-4166
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4165. Reason: This candidate is a duplicate of CVE-2012-4165. Notes: All CVE users should reference CVE-2012-4165 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...
CVE-2022-34650
creationtimestamp| type| source ---|---|--- 2022-07-22 20:23:44+00:00| seen| https://t.me/cibsecurity/46836...
GHSA-55X5-FJ6C-H6M8 lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through
Impact The HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5. Patches The issue has been resolved in lxml 4.6.5...
MCMS Cross-Site Request Forgery Vulnerability
MCMS is a Java rapid development platform based on Spring, SpringMVC, Mybatis . A cross-site request forgery vulnerability exists in the ms/basic/manager/save.do file in MCMS version 4.6.5, which can be exploited by a remote attacker to add an administrator account...
CVE-2018-17366
An issue was discovered in MCMS 4.6.5. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do...
ALPINE-CVE-2016-9863
An issue was discovered in phpMyAdmin. With a very large request to table partitioning function, it is possible to invoke a Denial of Service DoS attack. All 4.6.x versions prior to 4.6.5 are affected...
ALPINE-CVE-2016-9856
An XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10. This issue is resolved by using a copy of a hash to avoid a race condition. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to 4.0.10.18 are...
DEBIAN-CVE-2016-9855
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
ALPINE-CVE-2016-9855
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
PT-2013-1885 · Openssl +2 · Openssl +2
Name of the Vulnerable Software and Affected Versions: Qt versions prior to 4.6.5 Qt versions 4.7.x prior to 4.7.6 Qt versions 4.8.x prior to 4.8.5 Description: The issue arises from the QSslSocket::sslErrors function, which, when used with certain versions of openSSL, may read memory from an...