69 matches found
Mozilla Firefox ESR < 52.0.1
The version of Firefox ESR installed on the remote Windows host is prior to 52.0.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2017-08 advisory. - An integer overflow in createImageBitmap was reported through the Pwn2Own contest. The fix for this vulnerability disables...
CVE-2025-5428
A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2025-5428
CVE-2025-5428 affects juzaweb CMS up to 3.4.2. The issue is in the /admin-cp/log-viewer portion of the Error Logs Page, where improper access controls allow remote exploitation. Multiple sources (NVD, Red Hat, PT Security, CNNVD, OSV, etc.) confirm a critical, network-exploitable flaw with LOW co...
CVE-2025-5428 juzaweb CMS Error Logs Page log-viewer access control
A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2024-5428
A vulnerability classified as problematic was found in SourceCodester Simple Online Bidding System 1.0. Affected by this vulnerability is the function save_product of the file /admin/index.php?page=manage_product of the component HTTP POST Request Handler. The manipulation leads to cross-site reque...
CVE-2024-5428
The CVE-2024-5428 entry applies to SourceCodester Simple Online Bidding System 1.0. The vulnerability is in the HTTP POST Request Handler, specifically the save_product function in /admin/index.php?page=manage_product, where a cross-site request forgery (CSRF) can be triggered remotely. Credible ...
CVE-2023-5428
creationtimestamp | type | source
---|---|---
2023-10-31 11:20:49+00:00 | seen | https://t.me/cibsecurity/73203...
CVE-2023-5428
CVE-2023-5428 affects the WordPress plugin “Image vertical reel scroll slideshow” up to version 9.0. Root cause: insufficient escaping of user-supplied parameter and inadequate query preparation in the plugin shortcode, enabling authenticated users with subscriber-level+ to inject additional SQL ...
CVE-2023-5428 Image vertical reel scroll slideshow <= 9.0 - Authenticated (Subscriber+) SQL Injection via Shortcode
The Image vertical reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
Oracle Linux 8 : thunderbird (ELSA-2023-5428)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-5428 advisory. 115.3.1-1.0.1 - Update to 115.3.1 build1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
RHEL 8 : thunderbird (RHSA-2023:5428)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5428 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.3.1. Security Fixes: firefox:...
Debian: Security Advisory (DSA-5428-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2016-5428
...
CVE-2016-5428
This CVE entry is rejected/not used and does not represent an active vulnerability.
Ubuntu 16.04 ESM : libXrandr vulnerabilities (USN-5428-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5428-1 advisory. Tobias Stoeckmann discovered that libXrandr incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service...
Mozilla Firefox Security Advisory (MFSA2017-08) - Linux
This host is missing a security update for Mozilla Firefox. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
CVE-2020-5428
creationtimestamp | type | source
---|---|---
2021-01-27 20:37:36+00:00 | seen | https://t.me/cibsecurity/22741...
CVE-2020-5428
Applications using Spring Cloud Task 2.2.4.RELEASE and below may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer...
CVE-2020-5428 Possibility of SQL Injection in Spring Cloud Task Execution Sorting Query
Applications using Spring Cloud Task 2.2.4.RELEASE and below may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer...