28 matches found
CVE-2016-9271
Cloudera Manager 5.7.x before 5.7.6, 5.8.x before 5.8.4, and 5.9.x before 5.9.1 allows XSS in the help search feature...
CVE-2021-41188
Shopware is open source e-commerce software. Versions prior to 5.7.6 contain a cross-site scripting vulnerability. This issue is patched in version 5.7.6. Two workarounds are available. Using the security plugin or adding a particular config to the .htaccess file will protect against...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000461)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000461 advisory. In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. Tenable has extracted the preceding...
CVE-2025-64195
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThimPress Eduma eduma allows PHP Local File Inclusion. This issue affects Eduma: from n/a through <= 5.7.6...
CVE-2025-64194
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress Eduma eduma allows Stored XSS. This issue affects Eduma: from n/a through <= 5.7.6...
CVE-2025-64195 WordPress Eduma theme <= 5.7.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThimPress Eduma eduma allows PHP Local File Inclusion. This issue affects Eduma: from n/a through <= 5.7.6...
PT-2025-44242
Name of the Vulnerable Software and Affected Versions: ThimPress Eduma versions through 5.7.6 Description: The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local files...
Linux Distros Unpatched Vulnerability : CVE-2020-15393
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. (CVE-2020-15393) Note that Nessus...
CVE-2022-1257
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files...
PT-2024-32611 · Bdthemes · Element Pack Elementor Addons
Name of the Vulnerable Software and Affected Versions: BdThemes Element Pack Elementor Addons versions through 5.7.5 Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS in the Eleme...
WordPress Element Pack Elementor Addons Plugin <= 5.7.6 is vulnerable to Cross Site Scripting (XSS)
Software Element Pack Elementor Addons Type Plugin Vulnerable versions <= 5.7.6 Fixed in 5.7.7 OWASP Top 10 A7: Cross-Site Scripting (XSS) Classification Cross Site Scripting (XSS) CVE CVE-2024-4360 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b1a260751a26 Credits Ngô Thiên ...
WordPress ProfileGrid plugin <= 5.7.6 - IDOR on Friend Request vulnerability
IDOR on Friend Request vulnerability discovered by Kyle Sanchez (Patchstack Alliance) in WordPress Plugin ProfileGrid versions <= 5.7.6...
WordPress AutomateWoo Plugin <= 5.7.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software AutomateWoo Type Plugin Vulnerable versions <= 5.7.5 Fixed in 5.7.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery (CSRF) CVE CVE-2023-36513 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID baa4f71a9406 Credits Rafie Muhammad Patchsta...
SUSE CVE-2011-1488
A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent...
SUSE CVE-2011-1490
A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message...
CVE-2022-1258
A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the back-end database, potentially leading to command execution on the server...
McAfee Agent link following vulnerability
McAfee Agent (MA) is a McAfee client component that provides secure communication between the ePolicy Orchestrator antivirus management platform and managed products. A security vulnerability previously existed in McAfee Agent for Windows 5.7.6 that allowed a local, low-privileged user to gain...
PT-2022-3654 · Mcafee · Epolicy Orchestrator (Epo) Extension Of Ma
Name of the Vulnerable Software and Affected Versions: ePolicy Orchestrator (ePO) extension of MA versions prior to 5.7.6 Description: A blind SQL injection issue exists in the ePolicy Orchestrator (ePO) extension of MA, related to the failure to neutralize special elements used in SQL queries. This...