37 matches found
CVE-2026-5306
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-19 14:32:07+00:00 | seen | https://bsky.app/profile/atomicedge.bsky.social/post/3mm7m7ma57d2a... |
CVE-2026-5306
The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled...
MiracleLinux 8 : java-11-openjdk-11.0.19.0.7-1.el8 (AXSA:2023-5306:08)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5306:08 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...
CVE-2025-5306 Command Injection in Netflow path
Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778...
CVE-2020-5306
Codoforum 4.8.3 allows XSS via a post using parameters display name, title name, or content...
RHEL 7 : openstack-ironic-discoverd (RHSA-2015:1929)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:1929 advisory. Ironic provides bare metal provisioning for OpenStack nodes. It was discovered that enabling debug mode in openstack-ironic-discoverd also enables...
Oracle Linux 8 : orc (ELSA-2024-5306)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-5306 advisory. - Add patch for CVE-2024-40897 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...
CVE-2024-5306
CVE-2024-5306 affects Kofax Power PDF. The issue is a memory corruption in the PDF file parsing path caused by insufficient validation of user-supplied data, allowing an attacker to execute arbitrary code in the context of the current process. Exploitation requires user interaction (target must v...
CVE-2020-5306
| creationtimestamp | type | source |
|---|---|---|
| 2024-03-19 15:16:42+00:00 | published-proof-of-concept | https://t.me/ctinow/211572... |
openssl security update
1:3.0.7-25.0.1 - Replace upstream references Orabug: 34340177 1:3.0.7-25 - Provide relevant diagnostics when FIPS checksum is corrupted Resolves: RHEL-5317 - Don't limit using SHA1 in KDFs in non-FIPS mode. Resolves: RHEL-5295 - Provide empty evpproperties section in main OpenSSL configuration fi...
CVE-2023-5306
| creationtimestamp | type | source |
|---|---|---|
| 2023-11-01 01:37:41+00:00 | seen | https://t.me/cibsecurity/73278... |
CVE-2023-5306
The CVE-2023-5306 entry corresponds to an issue in the Online Blood Donation Management System (version 1.0). The connected PT-2023-32026 report describes a Stored/Reflective Cross-Site Scripting vulnerability where the city parameter in users/register.php is copied into users/member.php as plain...
CVE-2023-5306
...
Ubuntu: Security Advisory (USN-5306-1)
The remote host is missing an update for the...
Ubuntu 20.04 LTS : WebKitGTK vulnerabilities (USN-5306-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5306-1 advisory. A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a...
CVE-2020-5306
Codoforum 4.8.3 allows XSS via a post using parameters display name, title name, or content...
CVE-2020-5306
CVE-2020-5306 affects Codoforum 4.8.3, with a cross-site scripting (XSS) vulnerability that can be triggered by a post using parameters such as display name, title name, or content. The connected documents confirm the vulnerable component (Codoforum 4.8.3) and the XSS class, but do not provide...
CVE-2019-5306
The CVE-2019-5306 FRP bypass affects Huawei P20 smartphones prior to Emily-AL00A 9.0.0.167(C00E81R1P21T8). According to connected sources, when reconfiguring via FRP, an attacker can bypass the activation lock and gain access to the device. Root cause is a bypass in Factory Reset Protection durin...
Security Advisory - FRP Bypass Vulnerability on Some Huawei Smartphones
There is a Factory Reset Protection (FRP) bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a result, the FRP function is bypassed and the attacker gains...
CVE-2018-5306
Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus Repository Manager (aka NXRM) 3.x before 3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the repoId or (2) format parameter to service/siesta/healthcheck/healthCheckFileDetail/.../index.html; (3) the filename in...