10 matches found
EUVD-2026-15830
Incorrect Privilege Assignment vulnerability in wpeverest User Registration user-registration allows Privilege Escalation.This issue affects User Registration: from n/a through = 4.4.9...
UBUNTU-CVE-2026-27474
SPIP before 4.4.9 allows Cross-Site Scripting XSS in the private area, complementing an incomplete fix from SPIP 4.4.8. The echappeantixss function was not systematically applied to input, form, button, and anchor a HTML tags, allowing an attacker to inject malicious scripts through these element...
CVE-2026-27473
SPIP before 4.4.9 allows Stored Cross-Site Scripting XSS via syndicated sites in the private area. The URLSYNDIC output is not properly sanitized on the private syndicated site page, allowing an attacker who can set a malicious syndication URL to inject persistent scripts that execute when other...
CVE-2025-71248
...
CVE-2026-24353
Missing Authorization vulnerability in wpeverest User Registration user-registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Registration: from n/a through = 4.4.9...
EUVD-2026-3449
Out of bounds memory access in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
OESA-2025-2266 wireshark security update
Security Fixes: A vulnerability classified as problematic CWE-476 has been found in Wireshark versions 4.4.0 to 4.4.8. The application dereferences a pointer that it expects to be valid but is NULL, typically causing a crash or exit, impacting availability. Upgrading to version 4.4.9 eliminates...
CVE-2023-33495
Craft CMS through 4.4.9 is vulnerable to HTML Injection...
CVE-2021-44495
creationtimestamp| type| source ---|---|--- 2022-04-15 22:30:54+00:00| seen| https://t.me/cibsecurity/40939...
ALEOS Out-of-Bounds Read Vulnerability
ALEOS is an integrated development environment for building customized embedded M2M applications. An out-of-bounds read vulnerability exists in the ACEView service in ALEOS versions prior to 4.13.0, 4.9.5, and 4.4.9, which can be exploited by an attacker to obtain sensitive information...