138 matches found
CVE-2026-5352
A security vulnerability has been detected in Trendnet TEW-657BRM 1.00.1. This impacts the function Edit of the file /setup.cgi. Such manipulation of the argument pcdblist leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used...
CVE-2025-5352
creationtimestamp | type | source
---|---|---
2025-08-23 07:31:44+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lx2hcaedrp25
2025-12-06 03:00:05+00:00 | seen | Telegram/w9zN8kEWGrj3qsEmiR0Uos76ZxyKnO6RlLbWXw3M07fNo7k...
CVE-2024-5352
A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been rated as critical. Affected by this issue is the function validationRules of the component com.anjiplus.template.gaea.business.modules.datasetparam.controller.DataSetParamControllerverification. The manipulation leads to...
CVE-2023-5352
The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpas_edit_reply function, allowing users to edit posts for which they do not have permission...
CVE-2019-5352
A remote code execution vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...
Siemens SCALANCE X-200RNA Switch Devices Improper Access Control (CVE-2015-5352)
The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time...
Linux Distros Unpatched Vulnerability : CVE-2016-5352
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.4 mishandles certain length values, which allows remote attackers to cause a deni...
Linux Distros Unpatched Vulnerability : CVE-2015-5352
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X...
CVE-2024-5352
creationtimestamp | type | source
---|---|---
2024-06-21 20:37:55+00:00 | seen | https://t.me/arvinclub1/1118...
CVE-2024-5352
A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been rated as critical. Affected by this issue is the function validationRules of the component com.anjiplus.template.gaea.business.modules.datasetparam.controller.DataSetParamControllerverification. The manipulation leads to...
CVE-2023-5352
creationtimestamp | type | source
---|---|---
2023-11-07 00:26:12+00:00 | seen | https://t.me/cibsecurity/73653...
WordPress Awesome Support Plugin < 6.1.5 is vulnerable to Broken Access Control
Software: Awesome Support; Type: Plugin; Vulnerable versions: 6.1.5; Fixed in: 6.1.5; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-5352; Patch priority: Low; CVSS severity: Low 4.3; PSID: 07a73880431c; Credits: Krzysztof Zając CERT PL; Required...
CVE-2023-5352 Awesome Support < 6.1.5 - Insufficient permission check in wpas_edit_reply
The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpas_edit_reply function, allowing users to edit posts for which they do not have permission...
CVE-2023-5352
The CVE-2023-5352 entry relates to the WordPress plugin Awesome Support prior to version 6.1.5, where an insufficient authorization check in the wpas_edit_reply function allows a user to edit posts for which they lack permission. Affected versions are prior to 6.1.5; the issue is documented with ...
CVE-2023-5352 Awesome Support < 6.1.5 - Insufficient permission check in wpas_edit_reply
The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpas_edit_reply function, allowing users to edit posts for which they do not have permission...
Debian: Security Advisory (DLA-288-1)
The remote host is missing an update for the Debian...
K16443: MIT Kerberos 5 vulnerabilities CVE-2014-9421 and CVE-2014-5352
Security Advisory Description CVE-2014-9421 The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR deserialization, which allows remote authenticated users to cau...
K17461: OpenSSH vulnerability CVE-2015-5352
Security Advisory Description The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection...
SUSE CVE-2015-5352
The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time...
Security Bulletin: IBM DataPower Gateway affected by vulnerabilities in Kerberos
Summary IBM has provided explicit mitigation for the following Kerberos CVEs. DataPower did not previously provide the conditions necessary to exploit these CVEs. The explicit mitigations provided here protect against possible future changes that might have made them exploitable. Vulnerability...