106 matches found

Tenable Nessus
added 2025/11/18 12:0 a.m., 1 view

Mozilla Thunderbird < 52.6

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 52.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-04 advisory. - A use-after-free vulnerability can occur during font face manipulation when a font face is freed while...

CVSS 9.8, AI score 7.7, EPSS 0.28907
Exploits: 0, References: 11
RedhatCVE
added 2025/05/23 4:30 a.m., 5 views

CVE-2023-5098

The Campaign Monitor Forms by Optin Cat WordPress plugin before 2.5.6 does not prevent users with low privileges like subscribers from overwriting any options on a site with the string "true", which could lead to a variety of outcomes, including DoS...

CVSS 8.1, AI score 6.6, EPSS 0.00205
Exploits: 2, References: 1
Circl
added 2025/05/23 1:56 a.m., 6 views

CVE-2025-5098

creationtimestamp| type| source
---|---|---
2025-05-23 01:56:29+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpsjl3j5h6i2
2025-05-23 03:28:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpsoskk6mn2q
2025-05-27...

CVSS 9.1, AI score 9.3, EPSS 0.00116
Exploits: 1, References: 3
Cvelist
added 2025/05/23 1:6 a.m., 12 views

CVE-2025-5098 KL-001-2025-003: Mobile Dynamix PrinterShare Mobile Print Gmail Oauth Token Disclosure

PrinterShare Android application allows the capture of Gmail authentication tokens that can be reused to access a user's Gmail account without proper authorization...

EPSS 0.00116
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 9:56 a.m., 6 views

CVE-2011-5098

chef-server-api/app/controllers/clients.rb in Chef Server in Chef before 0.9.20, and 0.10.x before 0.10.6, does not require administrative privileges for creating admin clients, which allows remote authenticated users to bypass intended access restrictions by leveraging read permission for the...

CVSS 6.5, AI score 6.7, EPSS 0.00191
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 8:41 a.m., 5 views

CVE-2019-5098

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be...

CVSS 8.6, AI score 6.6, EPSS 0.0057
Exploits: 1, References: 1
KoreLogic Security
added 2025/05/22 12:0 a.m., 12 views

Mobile Dynamix PrinterShare Mobile Print Gmail Oauth Token Disclosure

Vulnerability Details Affected Vendor: Mobile Dynamix Affected Product: PrinterShare Mobile Print Affected Version: up to 12.15.01 Platform: Android CWE Classification: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor, CWE-313: Cleartext Storage in a File or on Disk CVE ID:...

CVSS 9.1, AI score 8.9, EPSS 0.00116
Exploits: 1, Affected Software: 1
Circl
added 2025/02/14 9:46 a.m., 0 views

CVE-2024-5098

creationtimestamp| type| source
---|---|---
2025-02-14 09:46:59+00:00| seen| Telegram/adWKqEhktE073DV6Xb7jwfur5hssPmsbmwtUdNDQrWL2xdK5...

CVSS 6.5, AI score 5.4, EPSS 0.00053
Exploits: 1
OSV
added 2024/05/19 6:15 a.m., 1 view

CVE-2024-5098

A vulnerability has been found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public...

CVSS 6.5, AI score 5.6
Exploits: 0, References: 4
Vulnrichment
added 2024/05/19 6:0 a.m., 12 views

CVE-2024-5098 SourceCodester Simple Inventory System login.php sql injection

A vulnerability has been found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public...

CVSS 5.5, AI score 7.3, EPSS 0.00053
Exploits: 1, References: 4
Cvelist
added 2024/05/19 6:0 a.m., 10 views

CVE-2024-5098 SourceCodester Simple Inventory System login.php sql injection

A vulnerability has been found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public...

CVSS 5.5, AI score 5.9, EPSS 0.00053
Exploits: 1, References: 4
Circl
added 2024/03/07 6:37 p.m., 0 views

CVE-2019-5098

creationtimestamp| type| source
---|---|---
2024-03-07 18:37:54+00:00| seen| https://t.me/ctinow/202649...

CVSS 8.6, AI score 8.1, EPSS 0.0057
Exploits: 1, References: 1
Circl
added 2023/10/31 5:21 p.m., 0 views

CVE-2023-5098

creationtimestamp| type| source
---|---|---
2023-10-31 17:21:15+00:00| seen| https://t.me/cibsecurity/73243...

CVSS 8.1, AI score 8.3, EPSS 0.00205
Exploits: 2, References: 1
NVD
added 2023/10/31 2:15 p.m., 8 views

CVE-2023-5098

The Campaign Monitor Forms by Optin Cat WordPress plugin before 2.5.6 does not prevent users with low privileges like subscribers from overwriting any options on a site with the string "true", which could lead to a variety of outcomes, including DoS...

CVSS 8.1, AI score 8, EPSS 0.00205
Exploits: 2, References: 1
CVE
added 2023/10/31 1:54 p.m., 41 views

CVE-2023-5098

CVE-2023-5098: Campaign Monitor Forms by Optin Cat for WordPress (pre-2.5.6) allows a Subscriber+ level attacker to overwrite arbitrary WordPress options by calling an AJAX action (fca_eoi_dismiss) with the value true, enabling a denial-of-service style attack. Root cause is broken access control...

CVSS 8.1, AI score 8, EPSS 0.00205
Exploits: 2, References: 1, Affected Software: 1
Cvelist
added 2023/10/31 1:54 p.m., 13 views

CVE-2023-5098 Campaign Monitor Forms < 2.5.6 - Subscriber+ Arbitrary Options Update

The Campaign Monitor Forms by Optin Cat WordPress plugin before 2.5.6 does not prevent users with low privileges like subscribers from overwriting any options on a site with the string "true", which could lead to a variety of outcomes, including DoS...

AI score 8.2, EPSS 0.00205
Exploits: 2, References: 1
Patchstack
added 2023/10/11 12:0 a.m., 10 views

WordPress Campaign Monitor Forms Plugin < 2.5.6 is vulnerable to Broken Access Control

Software Campaign Monitor Forms Type Plugin Vulnerable versions 2.5.6 Fixed in 2.5.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-5098 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 224fc6fd923e Credits Francesco Marano...

CVSS 8.1, AI score 6.4, EPSS 0.00205
Exploits: 2, References: 4, Affected Software: 1
RedHat Linux
added 2022/06/16 1:52 p.m., 57 views

Important: Red Hat Security Advisory: grub2, mokutil, and shim security update

An update for grub2, mokutil, and shim is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

CVSS 8.1, AI score 6.9, EPSS 0.00151
Exploits: 0, References: 9
Tenable Nessus
added 2022/06/16 12:0 a.m., 40 views

RHEL 8 : grub2, mokutil, and shim (RHSA-2022:5098)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5098 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

CVSS 8.1, AI score 7.1, EPSS 0.00151
Exploits: 0, References: 18
Tenable Nessus
added 2022/03/11 12:0 a.m., 25 views

Debian DSA-5098-1 : tryton-server - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5098 advisory. - An XXE issue was discovered in Tryton Application Platform Server 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton...

CVSS 7.5, AI score 7, EPSS 0.05585
Exploits: 1, References: 8