46 matches found
ECHO-6D3A-5524-DE2E
Bulletin has no description...
EUVD-2016-6471
Malware in sbrugna...
CVE-2025-5524
The OceanWP theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Select HTML tag in all versions up to, and including, 4.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above,...
CVE-2025-5524
The OceanWP theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Select HTML tag in all versions up to, and including, 4.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above,...
CVE-2025-5524 OceanWP <= 4.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Select HTML Tag
The OceanWP theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Select HTML tag in all versions up to, and including, 4.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above,...
CVE-2025-5524
CVE-2025-5524 (OceanWP) is a Stored XSS in OceanWP 4.0.9. PatchStack and PT-security entries corroborate the issue and suggest updating to resolve it; Wordfence references indicate patching in later advisories.
WordPress OceanWP Theme <= 4.0.9 is vulnerable to Cross Site Scripting (XSS)
Software: OceanWP; Type: Theme; Vulnerable versions: = 4.0.9; Fixed in: 4.1.0; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2025-5524; Patch priority: Low; CVSS severity: Low (6.5); Developer: Claim ownership; PSID: aa9ebeb90689; Credits: Asaf Mozes; Required privilege...
CVE-2020-5524
Aterm series Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function...
CVE-2015-5524
An issue was discovered on Samsung mobile devices with KK4.4 and later software through 2015-05-13. There is a buffer overflow in datablockwrite because the amount of received data is not validated. The Samsung ID is SVE-2015-4018 December 2015...
RockyLinux 8 : bind (RLSA-2024:5524)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5524 advisory. bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam CVE-2024-1737 bind9: bind: SIG0 can be used to exhaust CPU...
AlmaLinux 8 : bind (ALSA-2024:5524)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5524 advisory. bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam CVE-2024-1737 bind9: bind: SIG0 can be used to exhaust CPU...
Oracle Linux 8 : bind (ELSA-2024-5524)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5524 advisory. - Resolve CVE-2024-1975 - Resolve CVE-2024-1737 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
CVE-2023-5524
creationtimestamp | type | source
---|---|---
2023-10-20 12:41:15+00:00 | seen | https://t.me/cibsecurity/72675...
CVE-2023-5524
Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types...
CVE-2023-5524 M-Files Web Companion allows Remote Code Execution for some filetypes
Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types...
CVE-2023-5524 M-Files Web Companion allows Remote Code Execution for some filetypes
Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types...
CVE-2023-5524
CVE-2023-5524 refers to an inadequate file-type blacklist in M-Files Web Companion that enables Remote Code Execution. Technical details across sources indicate the vulnerability affects versions prior to 23.10 for the standard Web Companion and prior to 23.8 LTS SR1 for the LTS service release....
K53931245: BIG-IP SSL profile vulnerability CVE-2018-5524
Security Advisory Description: Under certain conditions, virtual servers configured with Client SSL or Server SSL profiles that make use of network hardware security module (HSM) functionality are exposed and impacted by this issue. (CVE-2018-5524) Impact: Malformed Transport Layer Security (TLS) request...
Ubuntu 20.04 LTS / 22.04 LTS : HarfBuzz vulnerability (USN-5524-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5524-1 advisory. It was discovered that HarfBuzz incorrectly handled certain glyph sizes. A remote attacker could use this issue to cause HarfBuzz to crash, resulting ...
CVE-2020-5524
Aterm series Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function...