EUVD-2026-0551

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

TencentOS Server 4: jq (TSSA-2025:0551)

"The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0551 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2021-0551

In bind of MediaControlPanel.java, there is a possible way to lock up the system UI using a malicious media file due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

CVE-2024-0551

creationtimestamp| type| source ---|---|--- 2024-02-27 15:31:45+00:00| seen| https://t.me/ctinow/194492 2024-02-27 15:36:28+00:00| seen| https://t.me/ctinow/194503...

CVE-2024-0551

Enable exports of the database and associated exported information of the system via the default user role. The attacked would have to have been granted access to the system prior to the attack. It is worth noting that the deterministic nature of the export name is lower risk as the UI for...

CVE-2024-0551

CVE-2024-0551 describes an access-control error that allows exporting the database and related data via the default user role for users with prior system access. The export mechanism uses a deterministic name, and the download is initiated by the UI before the export is deleted from the system, i...

CVE-2024-0551 Download and export of file via default user role

Enable exports of the database and associated exported information of the system via the default user role. The attacked would have to have been granted access to the system prior to the attack. It is worth noting that the deterministic nature of the export name is lower risk as the UI for...

CVE-2024-0551 Download and export of file via default user role

Enable exports of the database and associated exported information of the system via the default user role. The attacked would have to have been granted access to the system prior to the attack. It is worth noting that the deterministic nature of the export name is lower risk as the UI for...

SUSE: Security Advisory (SUSE-SU-2024:0551-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Rocky Linux 8 : nodejs:14 (RLSA-2021:0551)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0551 advisory. - An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows...

CVE-2023-0551

creationtimestamp| type| source ---|---|--- 2023-08-16 16:50:29+00:00| seen| https://t.me/cibsecurity/68641...

CVE-2023-0551

The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing ay authenticated users, such as subscriber to call and delete arbitrary attachments...

CVE-2023-0551

The CVE CVE-2023-0551 affects the WordPress plugin REST API TO MiniProgram (through 4.6.1). The vulnerability is due to missing authorization checks and CSRF protection in an AJAX action, allowing any authenticated user (e.g., subscriber) to call and delete arbitrary attachments. Connected source...

CVE-2023-0551 REST API TO MiniProgram <= 4.6.1 - Subscriber+ Attachment Deletion

The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing ay authenticated users, such as subscriber to call and delete arbitrary attachments...

CVE-2023-0551 REST API TO MiniProgram <= 4.6.1 - Subscriber+ Attachment Deletion

The REST API TO MiniProgram WordPress plugin through 4.6.1 does not have authorisation and CSRF checks in an AJAX action, allowing ay authenticated users, such as subscriber to call and delete arbitrary attachments...

WordPress REST API TO MiniProgram Plugin <= 4.6.9 is vulnerable to Arbitrary Content Deletion

Software REST API TO MiniProgram Type Plugin Vulnerable versions = 4.6.9 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Arbitrary Content Deletion CVE CVE-2023-0551 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 319d19ca8dfe Credits Lana Codes Requir...

SUSE CVE-2020-0551

Load value injection in some IntelR Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334:...

Backdoor.Win32.NetSpy.10 Remote Command Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/45d413b46f1d14a45e8fd36921813d62.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NetSpy.10 Vulnerability: Unauthenticated Remote Command Execution Description: The...

CVE-2022-0551

creationtimestamp| type| source ---|---|--- 2022-03-24 17:29:37+00:00| seen| https://t.me/cibsecurity/39490...

CVE-2022-0551 Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0

Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian...