121 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-5117
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Linux and Windows allowed a remote attacker to obtain potentially sensitive...
CVE-2025-5117
creationtimestamp| type| source ---|---|--- 2025-05-27 11:48:14+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17620...
CVE-2025-5117 Property 1.0.5 - 1.0.6 - Missing Authorization to Authenticated (Author+) Privilege Escalation via property_package_user_role Metadata in PayPal Registration
The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the use of the propertypackageuserrole metadata in versions 1.0.5 to 1.0.6. This makes it possible for authenticated attackers, with Author‐level access and above, to elevate their...
CVE-2025-5117 Property 1.0.5 - 1.0.6 - Missing Authorization to Authenticated (Author+) Privilege Escalation via property_package_user_role Metadata in PayPal Registration
The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the use of the propertypackageuserrole metadata in versions 1.0.5 to 1.0.6. This makes it possible for authenticated attackers, with Author‐level access and above, to elevate their...
WordPress Property plugin 1.0.5-1.0.6 - Missing Authorization to Authenticated (Author+) Privilege Escalation via property_package_user_role Metadata in PayPal Registration vulnerability
Missing Authorization to Authenticated Author+ Privilege Escalation via propertypackageuserrole Metadata in PayPal Registration vulnerability discovered by kr0d in WordPress Plugin Property versions 1.0.5-1.0.6...
CVE-2024-5117
creationtimestamp| type| source ---|---|--- 2025-02-14 09:46:59+00:00| seen| Telegram/bDtVWsboxUodvrpCEfhrDHfMKxU8Mlx4ydmLoeAbok0p2w4c...
CVE-2023-5117
An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL...
CVE-2023-5117
An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL...
CVE-2023-5117
creationtimestamp| type| source ---|---|--- 2024-12-25 14:49:33+00:00| seen| https://infosec.exchange/users/cve/statuses/113714015320304355 2024-12-25 15:15:24+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3le5athkkni2f 2024-12-25 17:09:33+00:00| seen|...
CVE-2023-5117 Exposure of Sensitive Information Due to Incompatible Policies in GitLab
An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL...
CVE-2024-5117
A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. This affects an unknown part of the file portal.php. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack remotely. The exploit...
CVE-2024-5117 SourceCodester Event Registration System portal.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. This affects an unknown part of the file portal.php. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack remotely. The exploit...
CVE-2019-5117
creationtimestamp| type| source ---|---|--- 2024-01-29 09:11:10+00:00| seen| https://t.me/ctinow/175112...
K94408282: OpenNTPD vulnerability CVE-2016-5117
Security Advisory Description OpenNTPD before 6.0p1 does not validate the CN for HTTPS constraint requests, which allows remote attackers to bypass the man-in-the-middle mitigations via a crafted timestamp constraint with a valid certificate. CVE-2016-5117 Impact There is no impact; F5 products a...
SUSE CVE-2006-5117
phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files...
SUSE CVE-2015-5117
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execu...
Mageia: Security Advisory (MGASA-2017-0423)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0312)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0115)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0099)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...