MiracleLinux 4 : gnutls-2.12.23-21.AXS4 (AXSA:2017-1381:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1381:01 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library...

WordPress Click to Chat plugin <= 4.22 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via data-no_number Parameter vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via data-nonumber Parameter vulnerability discovered by Asaf Mozes in WordPress Plugin Click to Chat versions = 4.22...

CVE-2025-5336

creationtimestamp| type| source ---|---|--- 2025-06-14 08:34:05+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18361...

CVE-2025-5336 Click to Chat <= 4.22 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via data-no_number Parameter

The Click to Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-nonumber’ parameter in all versions up to, and including, 4.22 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...

Linux Distros Unpatched Vulnerability : CVE-2018-5336

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the...

Linux Distros Unpatched Vulnerability : CVE-2017-5336

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in the cdkpkgetkeyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have...

CGA-5336-88FF-GM8G

Bulletin has no description...

CVE-2024-5336

CVE-2024-5336 affects Ruijie RG-UAC up to 20240516. The vulnerability resides in the addVlan function at /view/networkConfig/vlan/vlan_add_commit.php, where manipulation of the phyport argument leads to an OS command injection. It is a network-facing issue with remote exploitation; the exploit ha...

RHEL 8 : wireshark (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wireshark: free operation on an uninitialized memory address in wiretap/netmon.c CVE-2018-6836 - In...

Ubuntu 16.04 ESM : libjpeg9 vulnerabilities (USN-5336-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5336-1 advisory. Aladdin Mubaied discovered that the cjpeg utility in libjpeg9 did not properly validate the input image's size. An attacker could possibly use this issue...

CVE-2023-5336

creationtimestamp| type| source ---|---|--- 2023-10-19 07:34:09+00:00| seen| https://t.me/cibsecurity/72545...

WordPress iPanorama 360 WordPress Virtual Tour Builder Plugin <= 1.8.0 is vulnerable to SQL Injection

Software iPanorama 360 WordPress Virtual Tour Builder Type Plugin Vulnerable versions = 1.8.0 Fixed in 1.8.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-5336 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 25ea3eb9ee79 Credits István Márton Require...

SUSE CVE-2017-5336

Stack-based buffer overflow in the cdkpkgetkeyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate...

SUSE: Security Advisory (SUSE-SU-2018:0179-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:0304-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for wireshark (EulerOS-SA-2021-1859)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:0348-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EMC RSA Archer < 6.5.0.7, < 6.6.0.6 and < 6.7.0.1 Multiple Vulnerabilities

The version of EMC RSA Archer running on the remote web server is prior to 6.7.0.3 6.7 P3 or 6.6 P6 6.6.0.6. It is, therefore, affected by multiple vulnerabilities: - RSA Archer, versions prior to 6.7 P1 6.7.0.1, contain a URL injection vulnerability. An unauthenticated remote attacker could...

CVE-2019-5336

CVE-2019-5336 is rejected/not used per the Initial Description.

CVE-2019-5336

...