21 matches found
VulnCheck KEV: CVE-2025-10353
File upload leading to remote code execution (RCE) in the “melis-cms-slider” module of Melis Technology's Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to '/melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm' using the 'mcsdetailimg'...
Exploit for CVE-2025-10353
CV...
CVE-2025-10353
File upload leading to remote code execution (RCE) in the “melis-cms-slider” module of Melis Technology's Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to '/melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm' using the 'mcsdetailimg'...
CVE-2025-10353
creationtimestamp | type | source
---|---|---
2025-10-08 09:52:13+00:00 | seen | https://sploitus.com/exploit?id=30F52539-16AF-5AE1-BEBD-84F78C3AB426&utmsource=rss&utmmedium=rss
2025-10-08 09:52:13+00:00 | seen | ...
RockyLinux 9 : socat (RLSA-2025:10353)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:10353 advisory. socat: arbitrary file overwrite via predictable /tmp directory (CVE-2024-54661). Tenable has extracted the preceding description block directly from the RockyLinux...
Oracle Linux 9 : socat (ELSA-2025-10353)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-10353 advisory: add fix for CVE-2024-54661 (Resolves: RHEL-70096). Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
CVE-2024-10353
creationtimestamp | type | source
---|---|---
2024-10-25 02:52:17+00:00 | seen | https://t.me/cvedetector/8879...
CVE-2024-10353 SourceCodester Online Exam System admin-dashboard access control
A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. Affected is an unknown function of the file /admin-dashboard. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1574 more potentially affected by CVE-2019-10353 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.17)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2019-10353 Source advisory: OSV:GHSA-HCXF-RQ72-H4RR...
RHEL 7 : OpenShift Container Platform 3.11 jenkins (RHSA-2019:2503)
The remote Red Hat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2503 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
Jenkins < 2.176.2 LTS / 2.186 Multiple Vulnerabilities
The version of Jenkins running on the remote web server is prior to 2.186 or is a version of Jenkins LTS prior to 2.176.2. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file write vulnerability exists due to an incomplete fix for SECURITY-1074, the improper validation of...
FreeBSD : jenkins -- multiple vulnerabilities (df3db21d-1a4d-4c78-acf7-4639e5a795e0)
Jenkins Security Advisory: Description: Medium SECURITY-1424 / CVE-2019-10352 Arbitrary file write vulnerability using file parameter definitions; High SECURITY-626 / CVE-2019-10353 CSRF protection tokens did not expire; Medium SECURITY-534 / CVE-2019-10354 Unauthorized view fragment access C Tenabl...
CVE-2019-10353
CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did not expire, thereby allowing attackers able to obtain them to bypass CSRF protection...
CVE-2019-10353
CVE-2019-10353 affects Jenkins 2.185 and earlier, and Jenkins LTS 2.176.1 and earlier. The root cause is CSRF tokens that did not expire, enabling attackers who obtain tokens to bypass CSRF protection. The related in-document entries (e.g., JENKINS_2_186 and GHSA-HCXF-RQ72-H4R...
CVE-2016-10353
...
CVE-2018-10353
A SQL injection information disclosure vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to disclose sensitive information on vulnerable installations due to a flaw in the formChangePass class. Authentication is required to exploit this vulnerability...
CVE-2018-10353
The CVE-2018-10353 entry concerns Trend Micro Email Encryption Gateway 5.5, where a flaw in the formChangePass class enables a SQL injection information disclosure vulnerability. The vulnerability potentially allows a remote attacker to disclose sensitive information on affected installations. Au...
CVE-2017-10353
The CVE-2017-10353 entry affects Oracle Hospitality Hotel Mobile, specifically the Suite8/RESTAPI subcomponent, with version 1.1 identified as affected. The vulnerability is exploitable by a low-privilege attacker who can access the service over HTTP over the network, leading to unauthorized acce...