59 matches found
ECHO-CBFE-5521-46AA
Bulletin has no description...
EUVD-2018-11807
Malware in sbrugna...
CVE-2025-5521
creationtimestamp| type| source ---|---|--- 2025-06-03 19:28:37+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqpzkbrik562 2025-06-03 21:17:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqq7nkela42e...
CVE-2025-5521 WuKongOpenSource WukongCRM updataPassword cross-site request forgery
A vulnerability was found in WuKongOpenSource WukongCRM 9.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /system/user/updataPassword. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The...
CVE-2025-5521
CVE-2025-5521 affects WuKongOpenSource WukongCRM 9.0. An unknown functionality in /system/user/updataPassword is vulnerable to cross-site request forgery. The issue can be exploited remotely and the exploit has been publicly disclosed; vendor response has been non-existent. Remediation details ar...
CVE-2025-5521 WuKongOpenSource WukongCRM updataPassword cross-site request forgery
A vulnerability was found in WuKongOpenSource WukongCRM 9.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /system/user/updataPassword. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The...
CVE-2023-5521
Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9...
CVE-2013-5521
Cisco Identity Services Engine does not properly restrict the creation of guest accounts, which allows remote attackers to cause a denial of service exhaustion of the account supply via a series of requests within one session, aka Bug ID CSCue94287...
Linux Distros Unpatched Vulnerability : CVE-2012-5521
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - quagga ospf6d 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal CVE-2012-5521 Note that Nessus relies on the presence of the package a...
NETGEAR Administrator Password Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NETGEAR Administrator Password Disclosure', 'Description' = %q This module will collect the password for the admin user. The exploit will not...
Important: Red Hat Security Advisory: kpatch-patch-5_14_0-284_48_1 and kpatch-patch-5_14_0-284_52_1 security update
An update for kpatch-patch-5140-284481 and kpatch-patch-5140-284521 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which give...
RHEL 9 : kpatch-patch-5_14_0-284_48_1 and kpatch-patch-5_14_0-284_52_1 (RHSA-2024:5521)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5521 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module i...
RHEL 5 : quagga (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - quagga: VPNv4 NLRI parser memcpys to stack on unchecked length CVE-2016-2342 - quagga: Double free...
RHEL 6 : quagga (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to cra...
CVE-2024-5521
Two Cross-Site Scripting vulnerabilities have been discovered in Alkacon's OpenCMS affecting version 16, which could allow a user having the roles of gallery editor or VFS resource manager will have the permission to upload images in the .svg format containing JavaScript code. The code will be...
CVE-2024-5521
The CVE-2024-5521 entry describes stored Cross-Site Scripting in Alkacon OpenCMS 16 via SVG file uploads. The root cause is improper validation of .svg images, which, when uploaded by users with gallery editor or VFS resource manager roles, allows JavaScript in the SVG to execute when another use...
CVE-2024-5521 Cross-Site Scripting stored in Alkacon OpenCMS
Two Cross-Site Scripting vulnerabilities have been discovered in Alkacon's OpenCMS affecting version 16, which could allow a user having the roles of gallery editor or VFS resource manager will have the permission to upload images in the .svg format containing JavaScript code. The code will be...
CVE-2024-5521 Cross-Site Scripting stored in Alkacon OpenCMS
Two Cross-Site Scripting vulnerabilities have been discovered in Alkacon's OpenCMS affecting version 16, which could allow a user having the roles of gallery editor or VFS resource manager will have the permission to upload images in the .svg format containing JavaScript code. The code will be...
CVE-2012-5521
creationtimestamp| type| source ---|---|--- 2024-02-27 07:41:40+00:00| seen| https://t.me/ctinow/194057...
CVE-2023-5521
creationtimestamp| type| source ---|---|--- 2023-10-11 16:31:39+00:00| seen| https://t.me/cibsecurity/72102 2023-10-28 12:33:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/9277 2024-08-16 08:40:14+00:00| published-proof-of-concept| https://t.me/Rootsec2/1566...