64 matches found
MINI-5XCR-5479-36X7
Bulletin has no description...
CVE-2026-5479
creationtimestamp| type| source ---|---|--- 2026-04-10 05:15:56+00:00| published-proof-of-concept| Telegram/1WdkdhXUJmGV7ePrqgJjIpgxUFBJfkFq-ncP6HWfcjVt70...
CVE-2026-5479 wolfSSL EVP ChaCha20-Poly1305 AEAD authentication tag
In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSLEVPCipherFinal and related EVP cipher finalization functions fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption,...
CVE-2026-5479
In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSLEVPCipherFinal and related EVP cipher finalization functions fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption,...
CVE-2026-5479
In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSLEVPCipherFinal and related EVP cipher finalization functions fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption,...
Linux Distros Unpatched Vulnerability : CVE-2026-5479
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSLEVPCipherFinal and related EVP cipher finalization functions fails to verify the...
ANT-2026-RSSMAMA7 · wolfSSL · crypto-failure
crypto-failure high CVE-2026-5479 Severity Claude high · Security research firm high · Maintainer - Discovered by Claude Mythos Preview SECURITY RESEARCH FIRM ANALYSIS Triage and disclosure were performed by Calif. Verdict: true positive Severity: high TIMELINE Dates from discovery through public...
CVE-2025-5479 Sony XAV-AX8500 Bluetooth AVCTP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability
Sony XAV-AX8500 Bluetooth AVCTP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicio...
CVE-2025-5479 Sony XAV-AX8500 Bluetooth AVCTP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability
Sony XAV-AX8500 Bluetooth AVCTP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicio...
CVE-2025-5479
creationtimestamp| type| source ---|---|--- 2025-06-11 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-356/ 2025-06-21 00:45:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19091 2025-06-21 01:06:35+00:00| published-proof-of-concept|...
CVE-2013-5479
The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service device reload via a crafted IPv4 DNS TCP stream, aka Bug ID CSCtn53730...
CVE-2006-5479
The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote attackers to cause an unspecified denial of service via a certain "NCP Fragment."...
CVE-2024-5479 Easy Pixels by JEVNET <= 2.13 - Unauthenticated Stored Cross-Site Scripting
The Easy Pixels plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin settings in all versions up to, and including, 2.13 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...
CVE-2024-5479 Easy Pixels by JEVNET <= 2.13 - Unauthenticated Stored Cross-Site Scripting
The Easy Pixels plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin settings in all versions up to, and including, 2.13 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...
WordPress Easy Pixels Plugin <= 2.13 is vulnerable to Cross Site Scripting (XSS)
Software Easy Pixels Type Plugin Vulnerable versions = 2.13 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5479 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4b79cc61de42 Credits Lucio Sá Required privile...
Fedora: Security Advisory for chromium (FEDORA-2023-8c9fd2a001)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 38 : chromium (2023-8c9fd2a001)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-8c9fd2a001 advisory. Update to 118.0.5993.70. Include following security fixes: - CVE-2023-5218: Use after free in Site Isolation. - CVE-2023-5487: Inappropriate...
Mageia: Security Advisory (MGASA-2023-0289)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated chromium-browser-stable packages fix bugs and vulnerabilities
The chromium-browser-stable package has been updated to the 118.0.5993.70 release, fixing 20 bugs and vulnerabilities. Some of the security fixes are: Critical CVE-2023-5218: Use after free in Site Isolation. Reported by @18 on 2023-09-27 Medium CVE-2023-5487: Inappropriate implementation in...
MGASA-2023-0289 Updated chromium-browser-stable packages fix bugs and vulnerabilities
The chromium-browser-stable package has been updated to the 118.0.5993.70 release, fixing 20 bugs and vulnerabilities. Some of the security fixes are: Critical CVE-2023-5218: Use after free in Site Isolation. Reported by @18 on 2023-09-27 Medium CVE-2023-5487: Inappropriate implementation in...