Linux Distros Unpatched Vulnerability : CVE-2026-5402

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code execution CVE-2026-5402 Note that Nessus relies on t...

CVE-2026-5402 Heap-based Buffer Overflow in Wireshark

TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code execution...

Mozilla Firefox ESR < 45.8

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 45.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-06 advisory. - Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard,...

Mozilla Thunderbird < 45.8

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 45.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-07 advisory. - Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard,...

CVE-2025-5402

A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/includes/editpost.php of the component GET Parameter Handler. The manipulation of the argument...

CVE-2025-5402

A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/includes/editpost.php of the component GET Parameter Handler. The manipulation of the argument...

CVE-2025-5402 chaitak-gorai Blogbook GET Parameter edit_post.php sql injection

A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/includes/editpost.php of the component GET Parameter Handler. The manipulation of the argument...

CVE-2025-5402 chaitak-gorai Blogbook GET Parameter edit_post.php sql injection

A vulnerability was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/includes/editpost.php of the component GET Parameter Handler. The manipulation of the argument...

CVE-2025-5402

CVE-2025-5402 affects chaitak-gorai Blogbook. The vulnerable component is the GET Parameter Handler in the file /admin/includes/edit_post.php, where manipulating the edit_post_id parameter leads to SQL injection. Exploitation is described as possible remotely and publicly disclosed. Several sourc...

CVE-2017-5402

creationtimestamp| type| source ---|---|--- 2025-01-16 02:48:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lftbeh5i5n2h...

Oracle Linux 8 : thunderbird (ELSA-2024-5402)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-5402 advisory. 115.14.0-1.0.1 - Add Oracle prefs file 115.14.0 - Add OpenELA debranding 115.14.0-1 - Update to 115.14.0 build1 Tenable has extracted the preceding...

Backdoor.Win32.Nightmare.25 MVID-2024-0687 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/0fe8f37543e8face08941899add38e35.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.Nightmare.25 Vulnerability: Unauthenticated Remote Command Execution Family:...

CVE-2024-5402

creationtimestamp| type| source ---|---|--- 2024-07-15 15:10:32+00:00| seen| https://t.me/cvedetector/863...

CVE-2024-5402

CVE-2024-5402 affects ABB Mint Workbench I, specifically versions 5866 through 5868. The issue is an unquoted search path or element vulnerability that lets a local attacker escalate privileges by placing an executable in the path of the affected service. The root cause is the unquoted path handl...

MAL-2024-658 Malicious code in wlwz-2312-5402 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b62e23de2f48b3cc8a95ea998a7e19913b9d25dba3c62c13584de6caa9494df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wlwz-2312-5402 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b62e23de2f48b3cc8a95ea998a7e19913b9d25dba3c62c13584de6caa9494df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Schneider Electric SpaceLogic C-Bus Toolkit

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schneider Electric Equipment : SpaceLogic C-Bus Toolkit Vulnerabilities : Improper Privilege Management, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

CVE-2023-5402

creationtimestamp| type| source ---|---|--- 2023-10-04 22:12:10+00:00| seen| https://t.me/cibsecurity/71621...

CVE-2023-5402

A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote code execution when the transfer command is used over the network...

CVE-2023-5402

Schneider Electric SpaceLogic C-Bus Toolkit is affected by CVE-2023-5402 (CWE-269: Improper Privilege Management). The vulnerability exists in the TransferCommand flow over the network and could enable remote code execution. Reported in multiple sources, the issue is exploitable remotely with low...