57 matches found
EUVD-2026-29483
The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability, CVE-2026-5061, is fixed in consul-template 0.42.0...
PT-2026-40036
Name of the Vulnerable Software and Affected Versions: consul-template versions prior to 0.42.0. Description: A sandbox path bypass exists in the file template helper, which may allow an attacker to read files located outside of the intended sandbox directory. Recommendations: Update to version 0.42....
CVE-2018-5061
creationtimestamp | type | source
---|---|---
2025-08-31 03:01:31+00:00 | seen | MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d...
CVE-2025-5061
creationtimestamp | type | source
---|---|---
2025-08-05 10:31:42+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lvnixh5xkn2j...
CVE-2025-5061
The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpie_parse_upload_data' function in all versions up to, and including, 3.9.29. This makes it possible for authenticated attackers, with Subscriber-level access and above...
CVE-2025-5061
CVE-2025-5061 affects WordPress plugin WP Import Export Lite (versions ≤ 3.9.29). The vulnerability arises from missing file type validation in the wpie_parse_upload_data function, enabling authenticated users with Subscriber-level access (and those granted by an Administrator) to upload arbitrar...
CVE-2023-5061
creationtimestamp | type | source
---|---|---
2025-05-22 04:44:32+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/17254...
CVE-2024-5061
creationtimestamp | type | source
---|---|---
2024-08-30 07:17:28+00:00 | seen | https://t.me/cvedetector/4496...
WordPress Enfold Theme <= 6.0.3 is vulnerable to Cross Site Scripting (XSS)
Software: Enfold; Type: Theme; Vulnerable versions: <= 6.0.3; Fixed in: 6.0.4; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-5061; Patch priority: Low; CVSS severity: Low (6.5); Developer: Kriesi; PSID: 85813e2bbfbb; Credits: stealthcopter; Required privilege: Contributo...
CVE-2019-5061
creationtimestamp | type | source
---|---|---
2024-03-11 15:16:46+00:00 | seen | https://t.me/ctinow/204773...
CVE-2023-5061
CVE-2023-5061 affects GitLab core CI/CD handling: in certain situations, developers could override predefined CI variables via the REST API across multiple release lines (9.3–16.4.3, 16.5.0–16.5.3, 16.6.0–16.6.1). The root cause is not explicitly detailed beyond this behavior, but the impact is t...
CVE-2023-5061 Missing Authorization in GitLab
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. In certain situations, it may have been possible for developers to override predefined CI variables via the...
FreeBSD : Gitlab -- vulnerabilities (e2fb85ce-9a3c-11ee-af26-001b217b3468)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e2fb85ce-9a3c-11ee-af26-001b217b3468 advisory. - Gitlab reports: Smartcard authentication allows impersonation of arbitrary user using user's...
GitLab 9.3 < 16.4.4 / 16.5 < 16.5.4 / 16.6 < 16.6.2 (CVE-2023-5061)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. In certain...
Ubuntu 16.04 ESM : Scilab vulnerabilities (USN-5061-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5061-1 advisory. It was discovered that Scilab did not properly sanitize XML inputs. An attacker could use a crafted XML file to cause a denial of service or possibly...
AlmaLinux 9 : dmidecode (ALSA-2023:5061)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:5061 advisory. - Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible...
Moderate: Red Hat Security Advisory: dmidecode security update
An update for dmidecode is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
RHEL 9 : dmidecode (RHSA-2023:5061)
The remote Red Hat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5061 advisory. The dmidecode packages provide utilities for extracting Intel 64 and Intel Itanium hardware information from the system BIOS or Extensible Firmware...
Oracle Linux 8 : .NET / Core / 3.1 (ELSA-2022-5061)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-5061 advisory. 3.1.420-1.0.1 - Add missing Oracle Linux Runtime IDs - Update to .NET SDK 3.1.417 and Runtime 3.1.23 - Resolves: RHBZ2060566 3.1.420-1 - Update to .NET SDK...
Debian: Security Advisory (DSA-5061-1)
The remote host is missing an update for the Debian...