55 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-5315
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbtt__buf_get8 in the library stb_truetype.h of the component TTF...
CVE-2026-5315
creationtimestamp | type | source
---|---|---
2026-04-02 02:26:00+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mii5pwavgt25...
CVE-2025-5315
An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed...
CVE-2025-5315
creationtimestamp | type | source
---|---|---
2025-06-26 05:49:31+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/19575
2025-06-26 10:40:52+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lsiwt23xkc2p...
CVE-2025-5315
Removed by vendor...
CVE-2025-5315 Missing Authorization in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed...
GitLab 17.2 < 17.11.5 / 18.0 < 18.0.3 / 18.1 < 18.1.1 (CVE-2025-5315)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Missing Authorization in GitLab (CVE-2025-5315) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
Linux Distros Unpatched Vulnerability : CVE-2016-5315
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff...
RHEL 7 : open-vm-tools (RHSA-2024:5315)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5315 advisory. The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization...
CVE-2024-5315 Multiple vulnerabilities in DOLIBARR's ERP CMS
Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters viewstatut in...
CVE-2023-5315
The Google Maps made Simple plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 0.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2023-5315 Google Maps made Simple <= 0.6 - Authenticated (Subscriber+) SQL Injection via Shortcode
The Google Maps made Simple plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 0.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
WordPress Google Maps made Simple Plugin <= 0.6 is vulnerable to SQL Injection
Software: Google Maps made Simple
Type: Plugin
Vulnerable versions: <= 0.6
Fixed in: N/A
OWASP Top 10: A1: Injection
Classification: SQL Injection
CVE: CVE-2023-5315
Patch priority: High
CVSS severity: High (8.5)
PSID: 9139046f56f6
Credits: István Márton
Required privilege: Subscriber...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : Ansible vulnerabilities (USN-5315-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5315-1 advisory. It was discovered that Ansible did not properly manage directory permissions when running playbooks with an...
SUSE CVE-2015-5315
The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a network configuration profile, which allows remote attackers to cause a denial of service process...
Debian DSA-5315-1 : libxstream-java - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5315 advisory. XStream serializes Java objects to XML and back again. Versions prior to 1.4.15-3+deb11u2 may allow a remote attacker to terminate the application with a stack overflow...
CVE-2020-5315
Dell EMC Repository Manager (DRM) 3.2 contains a plain-text password storage vulnerability for proxy server credentials in the local database. An attacker with local file-system access and authentication could extract these passwords and gain the compromised user’s privileges. The issue is descri...
SUSE: Security Advisory (SUSE-SU-2018:1472-1)
The remote host is missing an update for the...
CVE-2019-5315
The CVE-2019-5315 entry concerns ArubaOS (8.x), where the web management interface is vulnerable to command injection by an authenticated user. The underlying issue allows arbitrary OS commands to be executed, enabling a malicious administrator to install backdoors or alter configuration in...