CVE-2026-5070 Vantage <= 1.20.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Block Text Content

The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery template. This makes it possible for authenticated attackers, with contributor-level access and...

EUVD-2019-5070

Malware in sbrugna...

CVE-2016-5070

creationtimestamp| type| source ---|---|--- 2023-12-11 15:22:28+00:00| seen| https://t.me/arpsyndicate/1766...

CVE-2023-5070

CVE-2023-5070 affects the WordPress plugin “Social Media Share Buttons & Social Sharing Icons” (slug: ultimate-social-media-icons) up to and including version 2.8.5. Root cause: sfsi_save_export export flow allows exporting plugin settings, exposing sensitive data (social tokens, secrets, app pas...

WordPress Social Media & Share Icons Plugin <= 2.8.5 is vulnerable to Sensitive Data Exposure

Software Social Media & Share Icons Type Plugin Vulnerable versions = 2.8.5 Fixed in 2.8.6 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-5070 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 041c1c8cf3d2 Credits Marco...

Mageia: Security Advisory (MGASA-2015-0282)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5070-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5070-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5070-1 advisory. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable...

SUSE: Security Advisory (SUSE-SU-2012:1489-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

In-the-Wild Series: Chrome Exploits

This is part 3 of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other parts of the series, see the introduction post. Posted by Sergei Glazunov, Project Zero Introduction As we continue the series on the watering hole attack...

CVE-2020-5070

...

CVE-2020-5070

CVE-2020-5070 is explicitly marked as rejected/not used; this entry does not represent an active vulnerability.

CVE-2009-5070

...

CVE-2019-5070

EPIGNOSIS eFront LMS SQL Injection (CVE-2019-5070) affects Epignosis eFront LMS

Command Execution Vulnerability in Multiple Series of FUJI XEROX Printer Products

FUJI XEROX ApeosPort-V 5070, FUJI XEROX ApeosPort-V C3375, etc. are printer products introduced by Fuji Xerox. A command execution vulnerability exists in multiple series of FUJI XEROX printer products. An attacker can exploit the vulnerability to execute commands, upload files, delete printer...

CVE-2018-5070

Adobe Acrobat and Reader vulnerabilities CVE-2018-5070 affect multiple old builds (2018.011.20040 and earlier; 2017.011.30080 and earlier; 2015.006.30418 and earlier). The issue is an Out-of-bounds write in the application, with the potential to execute arbitrary code in the context of the curren...

KLA11283 Multiple vulnerabilities in Adobe Acrobat&Reader

Multiple vulnerabilities was found in Adobe Acrobat&Reader. Original advisories Prenotification Security Advisory for Adobe Acrobat and Reader | APSB18-21 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details. Related products...

CVE-2014-5070

The CVE-2014-5070 entry affects Microsemi Symmetricom s350i clock server, version 2.70.15. The vulnerability enables remote privilege escalation where remote authenticated users can gain privileges by pushing unauthenticated users to the login page. Root cause details are not explicitly stated in...

CVE-2017-5070

Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

CVE-2017-5070

Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...