CVE-2026-5620

creationtimestamp| type| source ---|---|--- 2026-04-06 06:24:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mismwbqqid2s...

MiracleLinux 9 : tigervnc-1.12.0-13.el9 (AXSA:2023-5620:09)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5620:09 advisory. xorg-x11-server: XkbGetKbdByName use-after-free CVE-2022-4283 xorg-x11-server: XTestSwapFakeInput stack overflow CVE-2022-46340 xorg-x11-server:...

CVE-2020-5620

Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers to inject arbitrary script or HTML via a specially crafted file...

CVE-2024-5620

creationtimestamp| type| source ---|---|--- 2024-07-18 20:08:14+00:00| seen| https://t.me/cvedetector/1159...

CVE-2024-5620 Authentication Bypass in PruvaSoft Informatics' Apinizer Management Console

Authentication Bypass Using an Alternate Path or Channel vulnerability in PruvaSoft Informatics Apinizer Management Console allows Authentication Bypass. This issue affects Apinizer Management Console: before 2024.05.1...

CVE-2024-5620 Authentication Bypass in PruvaSoft Informatics' Apinizer Management Console

Authentication Bypass Using an Alternate Path or Channel vulnerability in PruvaSoft Informatics Apinizer Management Console allows Authentication Bypass. This issue affects Apinizer Management Console: before 2024.05.1...

CVE-2023-5620

creationtimestamp| type| source ---|---|--- 2023-11-28 14:14:48+00:00| seen| https://t.me/arpsyndicate/652...

CVE-2023-5620

The Web Push Notifications WordPress plugin before 4.35.0 does not prevent visitors on the site from changing some of the plugin options, some of which may be used to conduct Stored XSS attacks...

CVE-2023-5620

CVE-2023-5620 concerns Web Push Notifications (Webpushr) for WordPress, pre-4.35.0. The vulnerability is an unauthenticated Stored XSS due to insufficient protection when visitors can alter plugin settings, enabling an attacker to inject scripts via settings like price_drop_icon. The Red Hat/patc...

CVE-2023-5620 Webpushr < 4.35.0 - Unauthenticated Stored XSS

The Web Push Notifications WordPress plugin before 4.35.0 does not prevent visitors on the site from changing some of the plugin options, some of which may be used to conduct Stored XSS attacks...

WordPress Webpushr Plugin < 4.35.0 is vulnerable to Cross Site Scripting (XSS)

Software Webpushr Type Plugin Vulnerable versions 4.35.0 Fixed in 4.35.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5620 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 15644fc2ddd3 Credits Krzysztof Zając Required...

Rocky Linux 8 : postgresql:12 (RLSA-2020:5620)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:5620 advisory. - It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the searchpath during logical replication. A...

CentOS 8 : postgresql:12 (CESA-2020:5620)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5620 advisory. - postgresql: Uncontrolled search path element in logical replication CVE-2020-14349 - postgresql: Uncontrolled search path element in CREATE EXTENSION...

Selea Targa IP OCR-ANPR Camera - &#039;addr&#039; Remote Code Execution (Unauthenticated)

Exploit Title: Selea Targa IP OCR-ANPR Camera - 'addr' Remote Code Execution Unauthenticated Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com !/bin/bash Selea Targa IP OCR-ANPR Camera Unauthenticated Remote Code Execution Vendor: Selea s.r.l. Product web page:...

Oracle Linux 8 : ELSA-2020-5620-1: / postgresql:12 (ELSA-2020-56201)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-56201 advisory. postgresql 12.5-1 - Rebase to upstream release 12.5 Resolves: rhbz1901555 Resolves: rhbz1898223 Resolves: rhbz1898329 12.1-3 - Release bump for 8.2.0...

RHEL 8 : postgresql:12 (RHSA-2020:5620)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5620 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream...

CVE-2020-5620

Exment prior to v3.6.0 is vulnerable to stored cross-site scripting (via a crafted file or certain inputs). The root cause is improper input sanitization (CWE-79) that allows an arbitrary script to run in a logged-in user’s browser. Affected product: Exment; affected versions: before 3.6.0. Impac...

CVE-2019-5620

ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function...

CVE-2019-5620

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/abbwserverexec.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:16+00:00| seen|...

CVE-2018-9958

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...