71 matches found
CGA-99GG-5485-CVHJ
Bulletin has no description...
Amazon Athena ODBC Driver < 2.0.5.1 Command Injection (Linux)
The version of Amazon Athena ODBC Driver installed on the remote Linux host is prior to 2.0.5.1. It is, therefore, affected by a vulnerability: - OS command injection in the browser-based authentication component might allow a threat actor to execute arbitrary code by using specially crafted...
CVE-2026-5485
creationtimestamp | type | source
---|---|---
2026-04-03 23:21:08+00:00 | seen | Telegram/C4IqkAaofmVuG0ts1zoVr23H-sEIs7UsuvOGOq7uR7BrNw
2026-04-04 04:00:48+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mindxbbi2t27...
CVE-2026-5485
OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To...
RHSA-2023:5485
creationtimestamp | type | source
---|---|---
2025-10-23 22:46:29+00:00 | seen | Telegram/wJZIHXyulUhCfnzcUxi78Bls5nv2Nd02KaD6sbZdH2jehI...
CVE-2023-5485
creationtimestamp | type | source
---|---|---
2025-06-16 17:38:02+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/18487...
CVE-2025-5485
User names used to access the web management interface are limited to the device identifier, which is a numerical identifier no more than 10 digits. A malicious actor can enumerate potential targets by incrementing or decrementing from known identifiers or through enumerating random digit sequenc...
CVE-2025-5485 SinoTrack GPS Receiver Weak Authentication
User names used to access the web management interface are limited to the device identifier, which is a numerical identifier no more than 10 digits. A malicious actor can enumerate potential targets by incrementing or decrementing from known identifiers or through enumerating random digit sequenc...
CVE-2025-5485
creationtimestamp | type | source
---|---|---
2025-06-10 10:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-25-160-01
2025-06-12 20:34:15+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/18223
2025-06-12 20:54:06+00:00 | seen | ...
Linux Distros Unpatched Vulnerability : CVE-2017-5485
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookupnsap. CVE-2017-5485 Note that Nessus relies on the presence of the packa...
CVE-2024-5485
CVE-2024-5485 affects the SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything! WordPress plugin. The stored XSS exists in the Trigger Link shortcode in all versions up to 1.0.47 (per the CVE description) and can be exploited by an authenticated user with contributor-level a...
WordPress SureTriggers Plugin <= 1.0.47 is vulnerable to Cross Site Scripting (XSS)
Software: SureTriggers; Type: Plugin; Vulnerable versions: <= 1.0.47; Fixed in: 1.0.48; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-5485; Patch priority: Low; CVSS severity: Low (6.5); PSID: 08080f87c55e; Credits: Krzysztof Zając; Required...
RLSA-2024:1601 Moderate: curl security and bug fix update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: information disclosure by exploiting a mixed case flaw (CVE-2023-46218); curl: more POST-after-PUT confusion...
curl security and bug fix update
7.61.1-33.5
- cap SFTP packet size sent (RHEL-5485)
- when keyboard-interactive auth fails, try password (2229800)
- unify the upload/method handling (CVE-2023-28322)
- fix cookie injection with none file (CVE-2023-38546)
- lowercase the domain names before PSL checks (CVE-2023-46218)...
Fedora: Security Advisory for chromium (FEDORA-2023-8c9fd2a001)
The remote host is missing an update for the...
Fedora 38 : chromium (2023-8c9fd2a001)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-8c9fd2a001 advisory. Update to 118.0.5993.70. Include following security fixes: - CVE-2023-5218: Use after free in Site Isolation. - CVE-2023-5487: Inappropriate...
Mageia: Security Advisory (MGASA-2023-0289)
The remote host is missing an update for the...
Updated chromium-browser-stable packages fix bugs and vulnerabilities
The chromium-browser-stable package has been updated to the 118.0.5993.70 release, fixing 20 bugs and vulnerabilities. Some of the security fixes are: Critical CVE-2023-5218: Use after free in Site Isolation. Reported by @18 on 2023-09-27 Medium CVE-2023-5487: Inappropriate implementation in...
MGASA-2023-0289 Updated chromium-browser-stable packages fix bugs and vulnerabilities
The chromium-browser-stable package has been updated to the 118.0.5993.70 release, fixing 20 bugs and vulnerabilities. Some of the security fixes are: Critical CVE-2023-5218: Use after free in Site Isolation. Reported by @18 on 2023-09-27 Medium CVE-2023-5487: Inappropriate implementation in...
Chromium: CVE-2023-5485 Inappropriate implementation in Autofill
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...