CVE-2005-4551

CVE-2023-52435 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago

CVE-2005-4551 - Cross-site scripting (XSS) vulnerability in sign.php in codegrrl SimpBook 1.0, when html_enable is on, allows remote attackers to inject arbitrary web script or HTML via the message parameter to index.php. ...
9 years ago

CVE-2007-4551 - PHP remote file inclusion vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter. ...
17 years ago

CVE-2010-4551 - IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by omitting the Internet ID field in the person document, and then using an Apple device to (1) accept ...
15 years ago

CVE-2008-4551 - strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value ...
2 years ago

CVE-2011-4551 - Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in TikiWiki CMS/Groupware before 8.2 and LTS before 6.5 allows remote attackers to inject arbitrary web script or HTML via arbitrary parameters. ...
13 years ago

CVE-2012-4551 - Use-after-free vulnerability in libunity-webapps before 2.4.1 allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted web site, related to "certain hash tables." ...
13 years ago

CVE-2014-4551 - Cross-site scripting (XSS) vulnerability in diagnostics/test.php in the Social Connect plugin 1.0.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the testing parameter. ...
11 years ago

CVE-2016-4551 - The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621. ...
9 years ago

CVE-2013-4551 - Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related ...
8 years ago

CVE-2009-4551 - SQL injection vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the campaign_id parameter in a results action to index.php. ...
8 years ago

CVE-2006-4551 - Eval injection vulnerability in CHXO Feedsplitter 2006-01-21 allows remote attackers to execute arbitrary PHP code via (1) the file specified as the value of the format parameter, and possibly (2) the RSS feed. ...
2 years ago

CVE-2019-4551 - IBM Security Directory Server 6.4.0 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 165953. ...
6 years ago

CVE-2020-4551 - IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to ...
4 years ago

CVE-2015-4551 - LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information ...
4 years ago

CVE-2022-4551 - The Rich Table of Contents WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and ...
3 years ago

CVE-2018-4551 - ** REJECT ** This candidate is unused by its CNA. ...
2 years ago

CVE-2017-4551 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
56 years ago Tenable.com

CVE-2023-4551 - Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows OS Command Injection. ...
2 years ago

CVE-2024-4551 - The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, ...
1 year ago

CVE-2025-4551 - A vulnerability, which was classified as problematic, was found in ContiNew Admin up to 3.6.0. Affected is an unknown function of the file /dev-api/common/file. The manipulation of the argument File leads to cross site scripting. It is possible to ...
10 months ago

CVE-2024-53219 - In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ...
1 year ago Tenable.com

CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
17 years ago

CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
17 years ago

CVE-2005-0066 - The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP ...
2 years ago