110 matches found
MiracleLinux 8 : firefox-102.10.0-1.el8.ML.1 (AXSA:2023-5298:15)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5298:15 advisory. MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp Mozilla: Fullscreen notification obscured CVE-2023-29533 Mozilla: Potential Memory Corruption...
MiracleLinux 4 : openssl-1.0.1e-16.AXS4.14 (AXSA:2014-381:03)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-381:03 advisory. OpenSSL is a toolkit for supporting cryptography. The openssl-devel package contains include files needed to develop applications which support vario...
Malicious code in file-alb-um-zip-new-mp3-5298-reality-1-rymoz-ptimcb (npm)
The package file-alb-um-zip-new-mp3-5298-reality-1-rymoz-ptimcb was found to contain malicious code...
CVE-2025-5298 Campcodes Online Hospital Management System betweendates-detailsreports.php sql injection
A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /admin/betweendates-detailsreports.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to launch th...
CVE-2025-5298
CVE-2025-5298 affects Campcodes Online Hospital Management System v1.0. The vulnerability lies in an unguarded fromdate/todate parameter in /admin/betweendates-detailsreports.php, allowing remote SQL injection due to improper input handling. Multiple sources confirm exploitability and public ...
CVE-2023-5298
A vulnerability was found in Tongda OA 2017. It has been rated as critical. Affected by this issue is some unknown functionality of the file general/hr/recruit/requirements/delete.php. The manipulation of the argument REQUIREMENTSID leads to sql injection. The exploit has been disclosed to the...
CVE-2020-5298
In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, a user with the ability to use the import functionality of the ImportExportController behavior can be socially engineered by an attacker to upload a maliciously crafted CSV file which could result in a...
RHEL 8 : gnome-shell (RHSA-2024:5298)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:5298 advisory. GNOME Shell acts as a compositing manager for the desktop, and displays both application windows and other objects. It provides core interface...
Oracle Linux 8 : gnome-shell (ELSA-2024-5298)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-5298 advisory. 3.32.2-56 - Only open portal login in response to user action Resolves: RHEL-39097 Tenable has extracted the preceding description block directly from the Oracl...
CVE-2024-5298
D-Link D-View queryDeviceCustomMonitorResult Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link D-View. Although authentication is required to exploit this vulnerability, the existi...
Rockwell Automation Stratix SSL_MODE_RELEASE_BUFFERS Session Injection or Denial of Service (CVE-2010-5298)
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to execute arbitrary code, create a denial of service (DoS) condition, or perform a man-in-the-middle attack. This plugin only works with...
CVE-2023-5298
CVE-2023-5298 : Tongda OA 2017 contains a SQL injection in the file general/hr/recruit/requirements/delete.php via manipulation of the REQUIREMENTS_ID parameter. The issue is validated across multiple sources (e.g., Red Hat, CVE listings, PT Security, CNVD). Impact is described as critical; upgra...
Security Bulletin: IBM BladeCenter Advanced Management Module is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, and CVE-2014-3470.
Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details Abstract Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Content Vulnerability...
SUSE CVE-2015-5298
The Google Login Plugin versions 1.0 and 1.1 allows malicious anonymous users to authenticate successfully against Jenkins instances that are supposed to be locked down to a particular Google Apps domain through client-side request modification...
CVE-2015-5298
creationtimestamp | type | source
---|---|---
2022-07-07 22:15:35+00:00 | seen | https://t.me/cibsecurity/45767...
CVE-2015-5298
The CVE-2015-5298 entry concerns the Jenkins Google Login Plugin versions 1.0 and 1.1. The vulnerability arises from client-side request modification that bypasses domain-restriction controls, allowing malicious anonymous users to authenticate against Jenkins instances that should be limited to a...
Mageia: Security Advisory (MGASA-2014-0187)
The remote host is missing an update for the ...
Security Bulletin: Power Hardware Management Console is Affected by Vulnerabilities in OpenSSL (CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470)
Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients and servers. A remote attacker could exploit this...