113 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-5186
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbi__load_gif_main of the file stb_image.h of the component Multi-frame GIF Fil...
CVE-2026-5186
creationtimestamp | type | source
---|---|---
2026-03-31 10:22:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3midxggnifh2n...
CVE-2026-5186
The CVE concerns Nothings stb up to 2.30, specifically the function stbi__load_gif_main in stb_image.h, part of the Multi-frame GIF File Handler. A manipulation leads to a double free, with exploitation requiring local access. A public exploit has been made available. The vendor was contacted early but did not respo...
CVE-2026-5186 Nothings stb Multi-frame GIF File stb_image.h stbi__load_gif_main double free
A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbi__load_gif_main of the file stb_image.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...
CVE-2026-5186
A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbi__load_gif_main of the file stb_image.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...
NewStart CGSL MAIN 6.06 : audit Vulnerability (NS-SA-2025-0236)
The remote NewStart CGSL host, running version MAIN 6.06, has audit packages installed that are affected by a vulnerability: - Audit before 2.4.4 in Linux does not sanitize escape characters in filenames. (CVE-2015-5186) Note that Nessus has not tested for these issues but has instead relied only o...
NewStart CGSL MAIN 6.06 : audit Vulnerability (NS-SA-2025-0234)
The remote NewStart CGSL host, running version MAIN 6.06, has audit packages installed that are affected by a vulnerability: - Audit before 2.4.4 in Linux does not sanitize escape characters in filenames. (CVE-2015-5186) Note that Nessus has not tested for these issues but has instead relied only o...
Linux Distros Unpatched Vulnerability : CVE-2018-5186
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these coul...
CVE-2025-5186 thinkgem JeeSite URI Scheme form ResourceLoader.getResource server-side request forgery
A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request...
CVE-2020-5186
DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2)...
CVE-2012-5186
Cross-site scripting (XSS) vulnerability in FLUGELz netmania myu-s and PHP WeblogSystem allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-5186
Cross-site scripting (XSS) vulnerability in jbshop.php in the jbShop plugin for e107 7 allows remote attackers to inject arbitrary web script or HTML via the itemid parameter...
CVE-2010-5186
The Antivirus component in Comodo Internet Security before 4.1.150349.920 allows remote attackers to cause a denial of service (application crash) via a crafted file...
CVE-2014-5186
SQL injection vulnerability in the All Video Gallery (all-video-gallery) plugin 1.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an edit action in the allvideogalleryvideos page to wp-admin/admin.php...
CVE-2013-5186
Power Management in Apple Mac OS X before 10.9 does not properly handle the interaction between locking and power assertions, which allows physically proximate attackers to obtain sensitive information by reading a screen that should have transitioned into the locked state...
Linux Distros Unpatched Vulnerability : CVE-2015-5186
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Audit before 2.4.4 in Linux does not sanitize escape characters in filenames. (CVE-2015-5186) Note that Nessus relies on the presence of the package as reported b...
Fedora: Security Advisory (FEDORA-2023-c890266d3f)
The remote host is missing an update for the...
CVE-2024-5186 Server Side Request Forgery (SSRF) in imartinez/privategpt
A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez/privategpt version 0.5.0. This vulnerability allows attackers to send crafted requests that could result in unauthorized access to the local network and potentially sensitive information. Specifically,...
RHEL 5 : audit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - Audit: log terminal emulator escape sequences handling (CVE-2015-5186) Note that Nessus has not tested for this issue...
RHEL 4 : audit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - Audit: log terminal emulator escape sequences handling (CVE-2015-5186) Note that Nessus has not tested for this issue...