86 matches found
CVE-2026-5314 Nothings stb TTF File stb_truetype.h stbtt_InitFont_internal out-of-bounds
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made...
CVE-2016-8338
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...
WordPress DearFlip plugin <= 2.3.65 - DOM-Based Reflected Cross-Site Scripting via 'pdf-source' vulnerability
DOM-Based Reflected Cross-Site Scripting via 'pdf-source' vulnerability discovered by Martin Herancourt in WordPress Plugin DearFlip versions <= 2.3.65...
CVE-2013-5314
Cross-site scripting (XSS) vulnerability in serendipityadminimageselector.php in Serendipity 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the serendipityhtmltarget parameter...
CVE-2010-5314
Cross-site scripting (XSS) vulnerability in controllers/homecontroller.php in BEdita before 3.1 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter to news/index...
Linux Distros Unpatched Vulnerability : CVE-2016-5314
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the PixarLogDecode function in tifpixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service application...
Linux Distros Unpatched Vulnerability : CVE-2016-5875
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE...
CVE-2024-5314
Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters sortorder and sortfield in...
CVE-2024-5314 Multiple vulnerabilities in DOLIBARR's ERP CMS
Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters sortorder and sortfield in...
CVE-2023-5314
WP EXtra plugin for WordPress (any version ≤ 6.2) is affected by a missing capability check in the test-email portion of the register() function, allowing authenticated users with minimal privileges (e.g., subscriber) to send emails with arbitrary content via the site’s mail server. CVSS v3.1 bas...
Rocky Linux 8 : expat (RLSA-2022:5314)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5314 advisory. - In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in buildmodel via a large nesting depth in the DTD element. CVE-2022-2531...
WordPress WP EXtra Plugin <= 6.2 is vulnerable to Broken Access Control
Software: WP EXtra; Type: Plugin; Vulnerable versions: <= 6.2; Fixed in: 6.3; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-5314; Patch priority: Low; CVSS severity: Low (4.3); Developer: Claim ownership; PSID: 55747fccb396; Credits: TP Cyber Security; Required privilege...
K89096577: LibTIFF vulnerabilities CVE-2016-5314 and CVE-2015-8784
Security Advisory Description: CVE-2016-5314: Buffer overflow in the PixarLogDecode function in tifpixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by...
SUSE CVE-2016-5320
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...
SUSE CVE-2016-5875
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...
Debian: Security Advisory (DSA-5314-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 : expat (ELSA-2022-5314)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5314 advisory. - lib: Prevent integer overflow in doProlog CVE-2022-23990 Orabug: 33910314 - Improve fix for CVE-2022-25313 - Related: CVE-2022-25313 - Resolves:...
Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5314-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5314-1 advisory. A use-after-free was discovered when removing an XSLT parameter in some circumstances. If a user were tricked into opening a specially crafte...
SUSE: Security Advisory (SUSE-SU-2016:2527-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : firefox (RHSA-2020:5314)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5314 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...