143 matches found
CVE-2026-5021
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. This manipulation of the argument delno causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-5021
CVE-2026-5021 affects Tenda F453 1.0.0.3. The vulnerability is a stack-based overflow in httpd’s fromPPTPUserSetting (/goform/PPTPUserSetting) caused by manipulating the delno argument. Remote exploitation is possible and exploits have been published. Remediation in documents: update to a newer v...
MiracleLinux 9 : mingw-glib2-2.70.1-2.el9 (AXSA:2023-5021:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5021:01 advisory. glib: g_file_replace() with G_FILE_CREATE_REPLACE_DESTINATION creates empty target for dangling symlink (CVE-2021-28153) Tenable has extracted the preceding descriptio...
EUVD-2017-6318
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2014-5021
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the...
CVE-2011-5021
PHPIDS before 0.7 does not properly implement Regular Expression Denial of Service (ReDoS) filters, which allows remote attackers to bypass rulesets and add PHP sequences to a file via unspecified vectors...
CVE-2024-5021 WordPress Picture / Portfolio / Media Gallery <= 3.0.1 - Unauthenticated Server-Side Request Forgery
The WordPress Picture / Portfolio / Media Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.1 via the 'file_get_contents' function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...
WordPress WordPress Picture / Portfolio / Media Gallery Plugin <= 3.0.1 is vulnerable to Server Side Request Forgery (SSRF)
Software: WordPress Picture / Portfolio / Media Gallery; Type: Plugin; Vulnerable versions: <= 3.0.1; Fixed in: N/A; OWASP Top 10: A1: Injection; Classification: Server Side Request Forgery (SSRF); CVE: CVE-2024-5021; Patch priority: Low; CVSS severity: Low (7.2); PSID: 4f6e62e03ba9; Credits...
CVE-2023-5021
CVE-2023-5021 affects SourceCodester AC Repair and Services System 1.0. The vulnerability is a cross-site scripting flaw in the admin/?page=system_info/contact_information path, caused by manipulation of the telephone/mobile/address parameters. It can be exploited remotely. The description does n...
K25551452: Alpine Linux Docker image vulnerability CVE-2019-5021
Security Advisory Description Versions of the Official Alpine Linux Docker images since v3.3 contain a NULL password for the root user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected...
K99998454: iControl REST vulnerability CVE-2016-5021
Security Advisory Description The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1;...
SUSE CVE-2008-5021
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is stil...
SUSE CVE-2017-5021
A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...
SUSE CVE-2019-5021
Versions of the Official Alpine Linux Docker images since v3.3 contain a NULL password for the root user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux...
Debian DSA-5021-1 : mediawiki - security update
The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5021 advisory. Multiple security issues were discovered in MediaWiki, a website engine for collaborative work: Vulnerabilities in the mcrundo and rollback actions may allow...
SUSE SLES12 Security Update : sles12sp2-docker-image (SUSE-SU-2021:4011-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2021:4011-1 advisory. - Versions of the Official Alpine Linux Docker images since v3.3 contain a NULL password for the root user. This vulnerability appears to be the result...
SUSE: Security Advisory (SUSE-SU-2021:4011-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
SUSE-SU-2021:4011-1 Security update for sles12sp2-docker-image
This update for sles12sp2-docker-image fixes the following issues: - Invalidate the root password (was empty before) (bsc#1134524, CVE-2019-5021) Note that SUSE does not recommend use of this image anymore, please use newer versions from the registry...
SUSE: Security Advisory (SUSE-SU-2019:1368-2)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2019:1368-1)
The remote host is missing an update for the...