CVE-2025-5270 vulnerabilities

Vulnerabilities for packages: firefox-esr...

CVE-2025-5270

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability affects Firefox 139 and Thunderbird 139...

CVE-2025-5270

CVE-2025-5270 concerns Mozilla Firefox and Thunderbird where SNI could be sent unencrypted even when encrypted DNS is enabled. Affected products are Firefox versions earlier than 139 and Thunderbird versions earlier than 139. The vulnerability’s impact includes potential disclosure of sensitive i...

CVE-2025-5270

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...

CVE-2020-5270

In PrestaShop between versions 1.7.6.0 and 1.7.6.5, there is an open redirection when using back parameter. The impacts can be many, and vary from the theft of information and credentials to the redirection to malicious websites containing attacker-controlled content, which in some cases even cau...

CVE-2010-5270

Multiple untrusted search path vulnerabilities in Adobe Device Central CS4 2.0.0 0476 allow local users to gain privileges via a Trojan horse 1 ibfs32.dll or 2 amtcdb.dll file in the current working directory, as demonstrated by a directory that contains a .adcp file. NOTE: some of these details...

CVE-2011-5270

wp-admin/press-this.php in WordPress before 3.0.6 does not enforce the publishposts capability requirement, which allows remote authenticated users to perform publish actions by leveraging the Contributor role...

Linux Distros Unpatched Vulnerability : CVE-2014-5270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it...

CVE-2024-5270

Mattermost versions 9.5.x = 9.5.3, 9.7.x = 9.7.1, 9.6.x = 9.6.1 and 8.1.x = 8.1.12 fail to check if the email signup configuration option is enabled when a user requests to switch from SAML to Email. This allows the user to switch their authentication mail from SAML to email and possibly edit...

CVE-2024-5270 SAML to email switch possible when email signin is disabled

Mattermost versions 9.5.x = 9.5.3, 9.7.x = 9.7.1, 9.6.x = 9.6.1 and 8.1.x = 8.1.12 fail to check if the email signup configuration option is enabled when a user requests to switch from SAML to Email. This allows the user to switch their authentication mail from SAML to email and possibly edit...

CVE-2023-5270

CVE-2023-5270 affects SourceCodester Best Courier Management System 1.0. The vulnerability is a SQL injection in the file view_parcel.php caused by manipulating the id parameter. Exploit has been disclosed publicly. The CVSS 3.1 metrics indicate high impact across confidentiality, integrity, and ...

CVE-2023-5270 SourceCodester Best Courier Management System view_parcel.php sql injection

A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file viewparcel.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to th...

CVE-2013-5270

Rejected reason: This candidate is unused by its CNA...

Debian: Security Advisory (DLA-54-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress < 3.0.6 Access Restriction Bypass Vulnerability

WordPress is prone to an access restriction bypass vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Ubuntu 16.04 ESM : MySQL vulnerabilities (USN-5270-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5270-2 advisory. USN-5270-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the precedin...

Ubuntu: Security Advisory (USN-5270-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 18.04 LTS / 20.04 LTS : MySQL vulnerabilities (USN-5270-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5270-1 advisory. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been...

Mageia: Security Advisory (MGASA-2017-0059)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2014-0381)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...