CVE-2026-5235

creationtimestamp| type| source ---|---|--- 2026-04-01 02:38:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mifnxzyxzp2g...

MiracleLinux 4 : icedtea-web-1.6.2-1.0.1.AXS4 (AXSA:2016-504:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-504:01 advisory. The IcedTea-Web project provides a Java web browser plugin, an implementation of Java Web Start originally based on the Netx project and a settings...

EUVD-2022-5235

Malicious code in bioql PyPI...

CVE-2025-5235

creationtimestamp| type| source ---|---|--- 2025-05-30 10:03:24+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqexygzrnsj2...

CVE-2025-5235

CVE-2025-5235 concerns the WordPress plugin OpenSheetMusicDisplay (versions up to and including 1.4.0). The root cause is insufficient input sanitization and output escaping of the className parameter, enabling stored cross-site scripting. Exploitation requires an attacker with Contributor-level ...

WordPress OpenSheetMusicDisplay plugin <= 1.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via className Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via className Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin OpenSheetMusicDisplay versions = 1.4.0...

CVE-2010-5235

Untrusted search path vulnerability in IZArc Archiver 4.1.2 allows local users to gain privileges via a Trojan horse ztv7z.dll file in the current working directory, as demonstrated by a directory that contains a .arj file. NOTE: some of these details are obtained from third party information...

CVE-2024-5235 Campcodes Complete Web-Based School Management System teacher_salary_invoice.php sql injection

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teachersalaryinvoice.php. The manipulation of the argument teacherid leads to sql injection. It is possible to launch the attack...

CVE-2019-5235

creationtimestamp| type| source ---|---|--- 2024-03-12 09:11:27+00:00| seen| https://t.me/ctinow/205407...

CVE-2023-5235

creationtimestamp| type| source ---|---|--- 2024-01-08 20:26:59+00:00| seen| https://t.me/ctinow/164601 2024-01-25 14:42:00+00:00| seen| https://t.me/ctinow/173471 2025-06-11 17:34:32+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18103...

CVE-2023-5235 Ovic Responsive WPBakery < 1.2.9 - Subscriber+ Option Update

The Ovic Responsive WPBakery WordPress plugin before 1.2.9 does not limit which options can be updated via some of its AJAX actions, which may allow attackers with a subscriber+ account to update blog options, such as 'userscanregister' and 'defaultrole'. It also unserializes user input in the...

CVE-2023-5235

The CVE concerns the Ovic Responsive WPBakery WordPress plugin (versions before 1.2.9). The vulnerability arises from two issues: (1) AJAX actions do not enforce a proper whitelist of updatable blog options, allowing a subscriber+ account to modify settings such as users_can_register and default_...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

RHEL 8 : kpatch-patch (RHSA-2023:5235)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5235 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

CVE-2013-5235

creationtimestamp| type| source ---|---|--- 2023-09-14 22:24:45+00:00| seen| https://t.me/cibsecurity/70463...

CVE-2013-5235

Rejected reason: This candidate is unused by its CNA...

Debian: Security Advisory (DSA-5235-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 7 : python (RHSA-2022:5235)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5235 advisory. - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker contro...

Oracle Linux 7 : python (ELSA-2022-5235)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5235 advisory. - Security fix for CVE-2021-3177 Resolves: rhbz1918168 - Security fixes for CVE-2020-26116, CVE-2020-26137 and CVE-2022-0391 Tenable has extracted the...

AlmaLinux 8 : postgresql:12 (ALSA-2021:5235)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:5235 advisory. postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from man-in-the-middle CVE-2021-23214 Tenabl...