CVE-2026-5320

creationtimestamp| type| source ---|---|--- 2026-04-02 06:06:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3miijznqgef2o 2026-04-02 07:15:36+00:00| seen| Telegram/W6jOpjyTj769pCXa-ZRWw2obquTHPJnxlg6AY1uAebMFs...

RHEL 7 : libvpx (RHSA-2026:5320)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5320 advisory. The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia...

ace-step (=0.1.0), ambientagi (>=0.1.1 <=0.2.12) +40 more potentially affected by CVE-2025-5320 via gradio (>=5.0.0 <=5.29.1)

gradio PYPI version =5.0.0, =0.1.1, =0.0.1, =1.0.1, =0.1.2, =0.0.5, =0.1.0, =0.0.2, =0.1.0, =2.0.0, =1.1.8b3, =1.0.0, =2025.1.24, =2025.11.0b3 and more Source cves: CVE-2025-5320 Source advisory: OSV:GHSA-WMJH-CPQJ-4V6X...

CVE-2025-5320

A vulnerability classified as problematic has been found in gradio-app gradio up to 5.29.1. This affects the function isvalidorigin of the component CORS Handler. The manipulation of the argument localhostaliases leads to erweiterte Rechte. It is possible to initiate the attack remotely. The...

3d-rcnet (>=0.2.2 <=0.2.3), aa-prepflow (>=0.1.0 <=0.1.1) +1116 more potentially affected by CVE-2025-5320 via gradio (>=1.7.7 <=6.9.0)

gradio PYPI version =1.7.7, =0.2.2, =0.1.0, =0.3.0, =0.0.3, =0.1.5, =0.8.2.4, =0.2.1, =0.1.0, =0.1.0, =0.1.0, =2.0.0, =0.1.4, =0.1.11 and more Source cves: CVE-2025-5320 Source advisory: SNYK:PYTHON-GRADIO-10265013...

CVE-2025-5320 gradio-app gradio CORS is_valid_origin privilege escalation

A vulnerability classified as problematic has been found in gradio-app gradio up to 5.29.1. This affects the function isvalidorigin of the component CORS Handler. The manipulation of the argument localhostaliases leads to erweiterte Rechte. It is possible to initiate the attack remotely. The...

CVE-2025-5320

CVE-2025-5320 affects gradio-app/gradio up to version 5.29.1. The vulnerability lies in the CORS Handler’s is_valid_origin function, where manipulating the localhost_aliases argument can lead to an origin validation error and potential privilege escalation. Exploitation is described as remote wit...

CVE-2019-5320

Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 are vulnerable to Cross Site Scripting in the web UI, leading to injection of code...

Linux Distros Unpatched Vulnerability : CVE-2011-5320

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scanf and related functions in glibc before 2.15 allow local users to cause a denial of service segmentation fault via a large string of 0s. CVE-2011-5320 Note...

Schneider Electric多款产品 资源管理错误漏洞

The Schneider Electric PowerLogic PM5320, among others, is a power and energy meter from Schneider Electric France. A resource management error vulnerability exists in various Schneider Electric products that stems from the presence of uncontrolled resource consumption, which could result in an...

CVE-2023-5320

creationtimestamp| type| source ---|---|--- 2023-09-30 07:38:19+00:00| seen| https://t.me/cibsecurity/71342...

CVE-2023-5320 Cross-site Scripting (XSS) - DOM in thorsten/phpmyfaq

Cross-site Scripting XSS - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18...

CVE-2023-5320 Cross-site Scripting (XSS) - DOM in thorsten/phpmyfaq

Cross-site Scripting XSS - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18...

CVE-2023-5320

CVE-2023-5320 is a DOM-based XSS in phpMyFAQ prior to version 3.1.18. The vulnerability affects the web interface’s client-side DOM handling, allowing a crafted input to execute arbitrary scripts in a victim’s browser. Exploitation requires user interaction (UI:R) and is scoped to the affected ap...

CVE-2023-5320 Cross-site Scripting (XSS) - DOM in thorsten/phpmyfaq

Cross-site Scripting XSS - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18...

com.piketec.jenkins.plugins:piketec-tpt (=6.3), io.jenkins.plugins:aws-lambda-cloud (>=0.3 <=0.4) +13 more potentially affected by CVE-2015-5320 via org.jenkins-ci.main:jenkins-core (>=1.626 <=1.637)

org.jenkins-ci.main:jenkins-core MAVEN version =1.626, =0.3, =1.2, =1.1.2, =1.626, =1.626, =1.1.0, =0.1, =0.2, =0.1, =2.4, =1.626, =1.21, =1.0.3, =1.0, =2.0.27 Source cves: CVE-2015-5320 Source advisory: OSV:GHSA-449Q-V4J2-5H8P...

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1304 more potentially affected by CVE-2015-5320 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.625.1)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =0.0.1, =0.9, =1.3, =1.0, =1.0, =2.2.1, =1.0.3, =1.0.0, =1.0, =1.0.0, =1.2.0 and more Source cves: CVE-2015-5320 Source advisory: OSV:GHSA-449Q-V4J2-5H8P...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Expat vulnerabilities and regression (USN-5320-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5320-1 advisory. USN-5288-1 fixed several vulnerabilities in Expat. For CVE-2022-25236 it caused a regression and an additional patch was required...

CVE-2020-5320

Dell EMC OpenManage Enterprise OME versions prior to 3.2 and OpenManage Enterprise-Modular OME-M versions prior to 1.10.00 contain a SQL injection vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to execute SQL commands to...

CVE-2020-5320

Summary: CVE-2020-5320 affects Dell EMC OpenManage Enterprise (OME) and OpenManage Enterprise-Modular (OME-M). The vulnerability is a SQL injection in versions prior to OME 3.2 and OME-M prior to 1.10.00. A remote authenticated attacker with high privileges could potentially execute SQL commands ...