91 matches found
CVE-2026-5648
A flaw has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /userfinishregister.php of the component Parameter Handler. This manipulation of the argument firstName causes sql injection. Remote exploitation of the attack is possible. The...
MiracleLinux 7 : tomcat-7.0.69-12.el7 (AXSA:2017-1748:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1748:02 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Ja...
EUVD-2015-5648
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-5648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to...
CVE-2025-5648
| creationtimestamp | type | source |
|---|---|---|
| 2025-06-05 09:47:25+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqtzygaohpm2 |
| 2025-06-05 11:17:43+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lqu73m7fzn2s |

...
CVE-2025-5648
A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity...
CVE-2025-5648 Radare2 radiff2 pal.c r_cons_pal_init memory corruption
A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity...
CVE-2025-5648
Radare2 5.9.9 (radiff2) is affected by CVE-2025-5648. The vulnerability is in r_cons_pal_init (libr/cons/pal.c) where manipulation of the -T argument leads to memory corruption. It requires local access with a high attack complexity; exploitability is rated as difficult. The patch is identified a...
CVE-2020-5648
Improper neutralization of argument delimiters in a command 'Argument Injection' vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE...
CVE-2024-5648
| creationtimestamp | type | source |
|---|---|---|
| 2024-07-09 11:49:55+00:00 | seen | https://t.me/cvedetector/285 |

...
CVE-2024-5648 LearnDash LMS - Reports Free <= 1.8.2 - Missing Authorization to Plugin Settings Update
The LearnDash LMS – Reports plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.8.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...
WordPress LearnDash LMS – Reports Plugin <= 1.8.2 is vulnerable to Broken Access Control
Software: LearnDash LMS – Reports; Type: Plugin; Vulnerable versions: <= 1.8.2; Fixed in: N/A; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-5648; Patch priority: Low; CVSS severity: Low 5.4; PSID: 36a198e999f6; Credits: Lucio Sá; Required...
Apache Tomcat 8.0.0.RC1 < 8.0.42
The version of Tomcat installed on the remote host is prior to 8.0.42. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.0.42_security-8 advisory. - While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M...
Apache Tomcat 8.5.0 < 8.5.12
The version of Tomcat installed on the remote host is prior to 8.5.12. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.5.12_security-8 advisory. - While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M...
Apache Tomcat 9.0.0.M1 < 9.0.0.M18
The version of Tomcat installed on the remote host is prior to 9.0.0.M18. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_9.0.0.m18_security-9 advisory. - While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat...
Debian: Security Advisory (DSA-5648-1)
The remote host is missing an update for the Debian...
Debian dsa-5648 : chromium - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5648 advisory. - Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page...