72 matches found
CVE-2026-5604 Tenda CH22 Parameter CertLocalPrecreate formCertLocalPrecreate stack-based overflow
A security flaw has been discovered in Tenda CH22 1.0.0.1. The impacted element is the function formCertLocalPrecreate of the file /goform/CertLocalPrecreate of the component Parameter Handler. Performing a manipulation of the argument standard results in stack-based buffer overflow. Remote...
CVE-2026-5604
creationtimestamp | type | source
---|---|---
2026-04-05 14:50:06+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/116352654112501654
2026-04-05 23:26:06+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mirvjvspiw25
2026-04-06 01:15:46+00:00 | published-proof-of-concept | ...
CVE-2025-5604
creationtimestamp | type | source
---|---|---
2025-06-04 20:06:24+00:00 | seen | https://bsky.app/profile/FunctionalProgramming.activitypub.awakari.com.ap.brid.gy/post/3lqsm3svj6dk2...
CVE-2025-5604
A vulnerability was found in Campcodes Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user-login.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit ha...
CVE-2025-5604 Campcodes Hospital Management System user-login.php sql injection
A vulnerability was found in Campcodes Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user-login.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit ha...
CVE-2024-5604
The Bug Library WordPress plugin before 2.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2020-5604
Android App 'Mercari' Japan version prior to version 3.52.0 allows arbitrary method execution of a Java object by a remote attacker via a Man-In-The-Middle attack by using Java Reflection API of JavaScript code on WebView...
CVE-2024-5604
creationtimestamp | type | source
---|---|---
2024-07-19 08:40:54+00:00 | seen | https://t.me/cvedetector/1193...
CVE-2024-5604 Bug Library < 2.1.2 - Admin+ Stored XSS
The Bug Library WordPress plugin before 2.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
WordPress Bug Library Plugin < 2.1.2 is vulnerable to Cross Site Scripting (XSS)
Software: Bug Library; Type: Plugin; Vulnerable versions: 2.1.2; Fixed in: 2.1.2; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-5604; Patch priority: Low; CVSS severity: Low (5.9); PSID: 33f82588687d; Credits: Bob Matyas; Required privilege...
Malicious code in wlwz-2312-5604 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6963caefff4a061651d4c8afe98aa2ecad2483accb3ff5b65aef1fdecfba5ec0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Debian dsa-5604 : openjdk-11-dbg - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5604 advisory. Debian Security Advisory DSA-5604-1...
CVE-2023-5604
creationtimestamp | type | source
---|---|---
2023-12-17 09:06:30+00:00 | seen | https://t.me/ctinow/155537...
CVE-2023-5604
The CVE-2023-5604 entry corresponds to the Asgaros Forum WordPress plugin prior to version 2.7.1. Several connected sources confirm a root cause where forum administrators (not necessarily WordPress super-admins) can configure insecure upload settings that permit unauthenticated users to upload d...
RHEL 9 : kernel (RHSA-2023:5604)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5604 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Kernel: net/sched: Use-after-free...
Ubuntu: Security Advisory (USN-5604-1)
The remote host is missing an update for the...
Ubuntu 16.04 ESM : LibTIFF vulnerabilities (USN-5604-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5604-1 advisory. It was discovered that LibTIFF incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly...
Mageia: Security Advisory (MGASA-2013-0326)
The remote host is missing an update for the...
Mageia: Security Advisory (MGASA-2013-0320)
The remote host is missing an update for the...
TDM Digital Signage PC Player 4.1 Insecure File Permissions
Vendor: TDM Trending Digital Marketing
Product web page: https://www.tdmsignage.com https://pro.sony/enNL/products/display-software/tdm-ds1y-tdm-ds3y
Affected version: 4.1.0.4
Summary: With TDM you can do a lot more than just show Digita...