RHCOS 3 : openshift (RHSA-2015:1736)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:1736 advisory. - OpenShift: Malformed JSON can cause API process crash CVE-2015-5250 Note that Nessus has not tested for this issue but has instead relied...

CVE-2010-5250

creationtimestamp| type| source ---|---|--- 2026-03-17 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01...

AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC.

...

CVE-2025-5250

creationtimestamp| type| source ---|---|--- 2025-05-27 17:47:32+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq6anwzr5662 2025-05-27 17:48:58+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17689...

CVE-2025-5250

A vulnerability was found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-category.php. The manipulation of the argument Category leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2024-5250

In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations...

CVE-2019-5250

Mate 20 Pro smartphones with versions earlier than 9.1.0.135C00E133R3P1 have an improper authorization vulnerability. The software does not properly restrict certain operation of certain privilege, the attacker could trick the user into installing a malicious application before the user turns on...

CVE-2020-5250

In PrestaShop before version 1.7.6.4, when a customer edits their address, they can freely change the idaddress in the form, and thus steal someone else's address. It is the same with CustomerForm, you are able to change the idcustomer and change all information of all accounts. The problem is...

CVE-2024-5250

creationtimestamp| type| source ---|---|--- 2024-07-30 22:26:12+00:00| seen| https://t.me/cvedetector/2065...

CVE-2024-5250

In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations...

CVE-2024-5250 Overly Verbose Errors in SAML Integration

In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations...

CVE-2024-5250 Overly Verbose Errors in SAML Integration

In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations...

CVE-2024-5250

CVE-2024-5250 affects Akana API Platform versions prior to 2024.1.0, where SAML integration error messages are overly verbose. The issue is documented across multiple feeds (NVD/Red Hat/Son to ENISA and PT Security) and centers on verbose SAML error reporting rather than a runtime compromise vect...

CVE-2019-5250

creationtimestamp| type| source ---|---|--- 2024-03-12 09:11:29+00:00| seen| https://t.me/ctinow/205409...

Rocky Linux 9 : libxml2 (RLSA-2022:5250)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5250 advisory. - In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in...

CVE-2023-5250 Grid Plus <= 1.3.3 - Authenticated (Subscriber+) Local File Inclusion via Shortcode

The Grid Plus plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.3.3 via a shortcode attribute. This allows subscriber-level, and above, attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those file...

CVE-2023-5250

CVE-2023-5250 affects Grid Plus WordPress plugin up to version 1.3.2, with Local File Inclusion via a shortcode attribute. This allows subscriber-level and higher attackers to include and execute PHP code from server files (limited to .php files), potentially bypassing access controls or enabling...

CVE-2023-5250 Grid Plus <= 1.3.3 - Authenticated (Subscriber+) Local File Inclusion via Shortcode

The Grid Plus plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.3.3 via a shortcode attribute. This allows subscriber-level, and above, attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those file...

WordPress Grid Plus Plugin <= 1.3.3 is vulnerable to Local File Inclusion

Software Grid Plus Type Plugin Vulnerable versions = 1.3.3 Fixed in 1.3.4 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2023-5250 Patch priority Low CVSS severity Low 6.4 Developer Claim ownership PSID a64dc6db3b2e Credits István Márton Required privilege Subscriber...

CVE-2013-5250

Rejected reason: This candidate is unused by its CNA...