77 matches found

Circl
added 2026/05/21 1:28 p.m. | 4 views

CVE-2026-5433

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-21 13:28:16+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmejlbg5wi2v... |

AI score 5.8 | EPSS 0.00318
Exploits 0 | References 1

NVD
added 2026/05/21 9:16 a.m. | 9 views

CVE-2026-5433

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

EPSS 0.00318
Exploits 0

ATTACKERKB
added 2026/05/21 8:35 a.m. | 4 views

CVE-2026-5433

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 5.7 | EPSS 0.00318
Exploits 0 | References 2

Tenable Nessus
added 2025/11/18 12:0 a.m. | 3 views

Mozilla Thunderbird < 52.1

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 52.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-13 advisory. - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex...

CVSS 9.8 | AI score 7.7 | EPSS 0.36245
Exploits 22 | References 31

RedhatCVE
added 2025/06/04 7:15 a.m. | 5 views

CVE-2025-5433

A vulnerability was found in Fengoffice Feng Office 3.5.1.5 and classified as critical. Affected by this issue is some unknown functionality of the file /index.php?c=account=settimezone. The manipulation of the argument tzoffset leads to sql injection. The attack may be launched remotely. The...

CVSS 6.5 | AI score 7.2 | EPSS 0.00127
Exploits 0 | References 1

NVD
added 2025/06/02 7:15 a.m. | 9 views

CVE-2025-5433

A vulnerability was found in Fengoffice Feng Office 3.5.1.5 and classified as critical. Affected by this issue is some unknown functionality of the file /index.php?c=account&a=settimezone. The manipulation of the argument tzoffset leads to sql injection. The attack may be launched remotely. The...

CVSS 6.5 | EPSS 0.00127
Exploits 0 | References 4

Cvelist
added 2025/06/02 6:31 a.m. | 13 views

CVE-2025-5433 Fengoffice Feng Office index.php sql injection

A vulnerability was found in Fengoffice Feng Office 3.5.1.5 and classified as critical. Affected by this issue is some unknown functionality of the file /index.php?c=account&a=settimezone. The manipulation of the argument tzoffset leads to sql injection. The attack may be launched remotely. The...

CVSS 6.5 | EPSS 0.00127
Exploits 0 | References 4

CVE
added 2025/06/02 6:31 a.m. | 40 views

CVE-2025-5433

CVE-2025-5433 affects Fengoffice Feng Office 3.5.1.5. The vulnerability is an SQL injection in the endpoint /index.php?c=account&a=set_timezone, caused by manipulation of the tz_offset parameter. It is exploitable remotely and the exploit has been publicly disclosed. Multiple sources corroborate ...

CVSS 6.5 | AI score 7.2 | EPSS 0.00127
Exploits 0 | References 4

Tenable Nessus
added 2025/03/04 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-5433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller whil...

CVSS 9.8 | AI score 7.5 | EPSS 0.00829
Exploits 1 | References 2

Cvelist
added 2024/05/28 6:39 p.m. | 15 views

CVE-2024-5433 Path Traversal in Campbell Scientific CSI Web Server and RTMC

The Campbell Scientific CSI Web Server supports a command that will return the most recent file that matches a given expression. A specially crafted expression can lead to a path traversal vulnerability. This command combined with a specially crafted expression allows anonymous, unauthenticated...

CVSS 5.3 | AI score 6.7 | EPSS 0.00346
Exploits 0 | References 1

Vulnrichment
added 2024/05/28 6:39 p.m. | 13 views

CVE-2024-5433 Path Traversal in Campbell Scientific CSI Web Server and RTMC

The Campbell Scientific CSI Web Server supports a command that will return the most recent file that matches a given expression. A specially crafted expression can lead to a path traversal vulnerability. This command combined with a specially crafted expression allows anonymous, unauthenticated...

CVSS 5.3 | AI score 7.1 | EPSS 0.00346
Exploits 0 | References 1

CVE
added 2024/05/28 6:39 p.m. | 22 views

CVE-2024-5433

The CVE-2024-5433 vulnerability affects Campbell Scientific CSI Web Server (and RTMC Pro) and is caused by a path traversal flaw in a command that returns the most recent file matching a given expression. Versions 1.6 and earlier of the CSI Web Server (and RTMC Pro 5.x/4.x) are affected. An attac...

CVSS 5.3 | AI score 6.9 | EPSS 0.00346
Exploits 0 | References 1

Tenable Nessus
added 2024/02/08 12:0 a.m. | 23 views

CentOS 8 : firefox (CESA-2023:5433)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:5433 advisory. - During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash. This vulnerabili...

CVSS 9.8 | AI score 8.8 | EPSS 0.04976
Exploits 3 | References 6

Circl
added 2023/10/31 11:20 a.m. | 0 views

CVE-2023-5433

| creationtimestamp | type | source |
|---|---|---|
| 2023-10-31 11:20:55+00:00 | seen | https://t.me/cibsecurity/73209... |

CVSS 8.8 | AI score 7.2 | EPSS 0.0015
Exploits 1 | References 1

Vulnrichment
added 2023/10/31 8:32 a.m. | 5 views

CVE-2023-5433 Message ticker <= 9.2 - Authenticated (Subscriber+) SQL Injection via Shortcode

The Message ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticate...

CVSS 8.8 | AI score 6.9 | EPSS 0.0015
Exploits 1 | References 3

CVE
added 2023/10/31 8:32 a.m. | 86 views

CVE-2023-5433

CVE-2023-5433 affects the WordPress Message ticker plugin up to version 9.2. The root cause is insufficient escaping of user-supplied shortcode parameters and inadequate preparation of the SQL query, enabling authenticated attackers with subscriber-level or higher permissions to inject additional...

CVSS 8.8 | AI score 6.7 | EPSS 0.0015
Exploits 1 | References 3 | Affected Software 1

Patchstack
added 2023/10/30 12:0 a.m. | 12 views

WordPress Message ticker Plugin <= 9.2 is vulnerable to SQL Injection

Software: Message ticker; Type: Plugin; Vulnerable versions: = 9.2; Fixed in: 9.3; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2023-5433; Patch priority: Low; CVSS severity: Low 8.5; Developer: Claim ownership; PSID: 7c80f52b28f8; Credits: István Márton; Required privilege: Contributor; Published ...

CVSS 8.8 | AI score 6.8 | EPSS 0.0015
Exploits 1 | References 3 | Affected Software 1

Tenable Nessus
added 2023/10/06 12:0 a.m. | 56 views

Oracle Linux 8 : firefox (ELSA-2023-5433)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-5433 advisory. 115.3.1-1.0.1 - Update to 115.3.1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

CVSS 9.8 | AI score 8.2 | EPSS 0.04976
Exploits 3 | References 6

Tenable Nessus
added 2023/10/04 12:0 a.m. | 33 views

RHEL 8 : firefox (RHSA-2023:5433)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5433 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

CVSS 9.8 | AI score 8.5 | EPSS 0.04976
Exploits 3 | References 12

Tenable Nessus
added 2023/06/21 12:0 a.m. | 26 views

Debian DSA-5433-1 : libx11 - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5433 advisory. Gregory James Duck reported that missing input validation in various functions provided by libx11, the X11 client-side library, may result in denial of service. For t...

CVSS 7.5 | AI score 6.8 | EPSS 0.00087
Exploits 0 | References 7