85 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-5170
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window wh...
CVE-2026-5170
A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded cluster. This may cause a denial of service by taking down the primary o...
EUVD-2011-5170
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-5170
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This...
CVE-2025-5170
A vulnerability classified as critical was found in llisoft MTA Maita Training System 4.5. This vulnerability affects the function AdminShitiListRequestVo of the file com\llisoft\controller\admin\shiti\AdminShitiController.java. The manipulation of the argument stTypeIds leads to sql injection. T...
CVE-2025-5170 llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection
A vulnerability classified as critical was found in llisoft MTA Maita Training System 4.5. This vulnerability affects the function AdminShitiListRequestVo of the file com\llisoft\controller\admin\shiti\AdminShitiController.java. The manipulation of the argument stTypeIds leads to sql injection. T...
CVE-2025-5170
The CVE-2025-5170 issue affects llisoft MTA Maita Training System version 4.5, specifically the AdminShitiListRequestVo function in com\llisoft\controller\admin\shiti\AdminShitiController.java. The vulnerability arises from improper handling of the stTypeIds argument, enabling SQL injection that ...
CVE-2010-5170
Race condition in Online Solutions Security Suite 1.5.14905.0 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes...
CVE-2024-5170
| creationtimestamp | type | source |
|---|---|---|
| 2024-09-17 08:55:26+00:00 | seen | https://t.me/cvedetector/5795... |
CVE-2024-5170 Logo Manager For Enamad <= 0.7.1 - Admin+ Stored XSS via Widget
The Logo Manager For Enamad WordPress plugin through 0.7.1 does not sanitise and escape in its widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup...
WordPress Logo Manager For Enamad Plugin <= 0.7.1 is vulnerable to Cross Site Scripting (XSS)
Software: Logo Manager For Enamad; Type: Plugin; Vulnerable versions: <= 0.7.1; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-5170; Patch priority: Low; CVSS severity: Low (5.9); PSID: db8eaece7c6c; Credits: Bob Matyas; Require...
Ubuntu: Security Advisory (USN-6404-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6404-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-5169, CVE-2023-5170,...
CVE-2023-5170
In Firefox, CVE-2023-5170 covers a memory leak in the canvas rendering path where a compromised content process could cause a surface to change unexpectedly, leaking privileged-process memory and potentially enabling a sandbox escape. Affected software: Mozilla Firefox versions prior to 118. Root...
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox < 118...
Mozilla Firefox Security Advisory (MFSA2023-41) - Linux
The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2023-41. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
KLA60812 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Out of bounds write vulnerability in PathOps can be exploited...
Wago PFC200 iocheckd service 'I/O-Check' cache Command Injection (CVE-2019-5170)
An exploitable command injection vulnerability exists in the iocheckd service 'I/O-Check' function of the WAGO PFC 200 Firmware version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially...