CVE-2026-5129

creationtimestamp| type| source ---|---|--- 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0393/ 2026-04-03 13:45:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3milu57parh2r...

Linux Distros Unpatched Vulnerability : CVE-2017-5129

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTM...

Linux Distros Unpatched Vulnerability : CVE-2016-5129

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left- trimmed objects, which allows remote attackers to cau...

CVE-2025-5129

creationtimestamp| type| source ---|---|--- 2025-05-24 16:45:17+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17492 2025-05-24 16:52:14+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpwm53hixkj2 2025-05-24...

CVE-2025-5129 Sangfor 零信任访问控制系统 aTrust MSASN1.dll uncontrolled search path

A vulnerability has been found in Sangfor 零信任访问控制系统 aTrust 2.3.10.60 and classified as critical. Affected by this vulnerability is an unknown functionality in the library MSASN1.dll. The manipulation leads to uncontrolled search path. Local access is required to approach this attack. The complexi...

CVE-2025-5129

CVE-2025-5129 pertains to Sangfor aTrust 2.3.10.60 where an uncontrolled search path is caused by a flaw in MSASN1.dll. The vulnerability can be exploited with local access and has high attack complexity; some references indicate that privileges may be required (local and elevated depending on so...

Linux Distros Unpatched Vulnerability : CVE-2023-5129

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863. CVE-2023-5129 Note that Nessus relies on...

CVE-2019-5129

A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in...

CentOS 6 : net-snmp (RHSA-2020:5129)

The remote CentOS Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5129 advisory. - Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root...

NewStart CGSL MAIN 6.02 : libwebp Multiple Vulnerabilities (NS-SA-2024-0067)

The remote NewStart CGSL host, running version MAIN 6.02, has libwebp packages installed that are affected by multiple vulnerabilities: - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863. CVE-2023-5129 - Heap buffer overflow in...

Fedora: Security Advisory (FEDORA-2023-9108cda47c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2023-c890266d3f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-5129

A Privilege Escalation Vulnerability exists in lunary-ai/lunary version 1.2.2, where any user can delete any datasets due to missing authorization checks. The vulnerability is present in the dataset deletion functionality, where the application fails to verify if the user requesting the deletion...

CVE-2024-5129 Privilege Escalation Vulnerability in lunary-ai/lunary

A Privilege Escalation Vulnerability exists in lunary-ai/lunary version 1.2.2, where any user can delete any datasets due to missing authorization checks. The vulnerability is present in the dataset deletion functionality, where the application fails to verify if the user requesting the deletion...

CVE-2024-5129

The CVE-2024-5129 entry concerns lunary-ai/lunary version 1.2.2 where the datasets.delete function lacks authorization checks. This allows an unauthenticated user to delete any dataset by issuing a DELETE request with the dataset ID, constituting a privilege-escalation/unauthorized data deletion ...

CentOS 8 : thunderbird (CESA-2023:5201)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:5201 advisory. - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863. CVE-2023-5129 - Heap buffer overflow i...

CentOS 8 : firefox (CESA-2023:5184)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:5184 advisory. - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863. CVE-2023-5129 - Heap buffer overflow i...

CVE-2019-5129

creationtimestamp| type| source ---|---|--- 2024-01-29 09:41:40+00:00| seen| https://t.me/ctinow/175124 2024-11-30 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-11-30 2024-12-24 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities ...

CentOS 7 : firefox (RHSA-2023:5197)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5197 advisory. - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863. CVE-2023-5129 - Heap buffer...

VulnCheck KEV: CVE-2019-5129

A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in...