54 matches found
CVE-2026-5437
creationtimestamp | type | source
---|---|---
2026-04-09 17:09:16+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mj3cdrxerf2z
2026-04-10 15:45:27+00:00 | seen | https://bsky.app/profile/hendryadrian.bsky.social/post/3mj5o4taedu2u
2026-04-14 20:03:14+00:00 | published-proof-of-concept | ...
CVE-2026-5437
An out-of-bounds read vulnerability exists in DicomStreamReader during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocated metadata buffer. Although this issue does not typically crash the server or expose data directly ...
Multiple Heap Buffer Overflows in Orthanc DICOM Server
Overview: Multiple vulnerabilities have been identified in Orthanc DICOM Server version 1.12.10 and earlier that affect image decoding and HTTP request handling components. These vulnerabilities include heap buffer overflows, out-of-bounds reads, and resource exhaustion vulnerabilities that may...
CVE-2025-5437
A vulnerability classified as critical has been found in Multilaser Sirius RE016 MLT1.0. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The...
CVE-2025-5437
creationtimestamp | type | source
---|---|---
2025-06-02 09:05:21+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqmg7dhiz6e2
2025-06-02 11:42:34+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lqmp3bu2jn2e...
CVE-2025-5437 Multilaser Sirius RE016 Password Change cstecgi.cgi improper authentication
A vulnerability classified as critical has been found in Multilaser Sirius RE016 MLT1.0. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The...
CVE-2025-5437 Multilaser Sirius RE016 Password Change cstecgi.cgi improper authentication
A vulnerability classified as critical has been found in Multilaser Sirius RE016 MLT1.0. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The...
CVE-2025-5437
The CVE-2025-5437 vulnerability affects Multilaser Sirius RE016 MLT1.0 in the Password Change Handler component, specifically the file /cgi-bin/cstecgi.cgi. The issue arises from manipulation of an unknown function, causing improper authentication. It can be exploited remotely and exploits have b...
CVE-2024-5437
Affected software: SourceCodester Simple Online Bidding System 1.0. The vulnerability is in the save_category function (file /admin/index.php?page=categories) where manipulating the argument name triggers cross-site scripting (XSS). Exploitation is possible remotely and publicly disclosed (VDB-26...
CVE-2023-5437
creationtimestamp | type | source
---|---|---
2023-10-31 11:21:02+00:00 | seen | https://t.me/cibsecurity/73215...
RHEL 8 : firefox (RHSA-2023:5437)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5437 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
Debian DSA-5437-1 : hsqldb - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5437 advisory. - A flaw was found in the Libreoffice package. An attacker can craft an odb containing a database/script file with a SCRIPT command where the contents of the file cou...
Ubuntu: Security Advisory (USN-5437-1)
The remote host is missing an update for the...
Mageia: Security Advisory (MGASA-2017-0118)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2017:1175-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2017:1248-1)
The remote host is missing an update for the...
CVE-2020-5437
...
CVE-2020-5437
The CVE entry is rejected/not used as explicitly stated in the Initial Description.
CentOS 7 : kernel (RHSA-2020:5437)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5437 advisory. - The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs...
CentOS: Security Advisory for bpftool (CESA-2020:5437)
The remote host is missing an update for the...