CVE-2026-5441

creationtimestamp| type| source ---|---|--- 2026-04-09 16:37:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj3akbtzvd2t 2026-04-14 20:03:14+00:00| published-proof-of-concept| Telegram/P20Htht508gPcGtfhYsw3BkHMYZAVXCzBRlMvbh3o3mGtY...

CVE-2026-5441 Out-of-Bounds Read in DicomImageDecoder (PMSCT_RLE1 Decompression)

An out-of-bounds read vulnerability exists in the DecodePsmctRle1 function of DicomImageDecoder.cpp. The PMSCTRLE1 decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafte...

Linux Distros Unpatched Vulnerability : CVE-2026-5441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability exists in the DecodePsmctRle1 function of DicomImageDecoder.cpp. The PMSCTRLE1 decompression routine, which decodes the...

Linux Distros Unpatched Vulnerability : CVE-2016-5441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication...

TencentOS Server 4: vim (TSSA-2024:1005)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1005 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVE-2025-5441

A vulnerability classified as critical was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function setDeviceURL of the file /goform/setDeviceURL. The manipulation of the argument DeviceURL...

CVE-2025-5441 Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 setDeviceURL os command injection

A vulnerability classified as critical was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function setDeviceURL of the file /goform/setDeviceURL. The manipulation of the argument DeviceURL...

Linux Distros Unpatched Vulnerability : CVE-2023-5441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. CVE-2023-5441 Note that Nessus relies on the presence o...

Linux Distros Unpatched Vulnerability : CVE-2017-5441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects...

CVE-2024-5441

creationtimestamp| type| source ---|---|--- 2024-07-09 08:53:52+00:00| seen| https://t.me/cvedetector/255 2024-07-09 10:08:51+00:00| exploited| https://t.me/HackingInsights/5328 2024-07-10 12:23:25+00:00| exploited| https://t.me/Kelvinseccommunity/537 2024-07-10 12:23:47+00:00| exploited|...

$3,094 Bounty Awarded and 150,000 WordPress Sites Protected Against Arbitrary File Upload Vulnerability Patched in Modern Events Calendar WordPress Plugin

📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...

WordPress Modern Events Calendar Plugin <= 7.11.0 is vulnerable to Arbitrary File Upload

Software Modern Events Calendar Type Plugin Vulnerable versions = 7.11.0 Fixed in 7.12.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-5441 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID ef52f2e3acfd Credits Foxyyy Required privilege...

WordPress Modern Events Calendar Lite Plugin <= 7.11.0 is vulnerable to Arbitrary File Upload

Software Modern Events Calendar Lite Type Plugin Vulnerable versions = 7.11.0 Fixed in 7.12.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-5441 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 9f8e6c792dc5 Credits Foxyyy Required privilege...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2024-1393)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for vim (SUSE-SU-2023:4587-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : vim (EulerOS-SA-2024-1075)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2024-1024)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : vim (ALAS-2023-1893)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1893 advisory. Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file...

SUSE: Security Advisory (SUSE-SU-2023:4587-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : vim (SUSE-SU-2023:4587-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4587-1 advisory. - Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory...