39 matches found
DEBIAN-CVE-2026-5654
AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
UBUNTU-CVE-2026-5654
AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2026-5654
AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2026-5654
AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
MiracleLinux 9 : toolbox-0.0.99.3-9.el9 (AXSA:2023-5654:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5654:01 advisory. golang: net/http: handle server errors after sending GOAWAY CVE-2022-27664 golang: net/http: An attacker can cause excessive memory growth in a Go...
EUVD-2020-5654
Malware in sbrugna...
CVE-2025-5654
A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-state.php. The manipulation of the argument description leads to sql injection. The attack may be launched remotely. The...
CVE-2025-5654
A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-state.php. The manipulation of the argument description leads to sql injection. The attack may be launched remotely. The...
CVE-2023-5654
The React Developer Tools extension registers a message listener with window.addEventListener'message', in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received message via fetch. The URL is not...
Oracle Linux 8 : curl (ELSA-2024-5654)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-5654 advisory. - provide common cleanup method for push headers CVE-2024-2398 Tenable has extracted the preceding description block directly from the Oracle Linux security...
RHEL 8 : curl (RHSA-2024:5654)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5654 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, a...
CVE-2024-5654 CF7 Google Sheets Connector <= 5.0.9 - Missing Authorization to Limited Site Configuration Update
The CF7 Google Sheets Connector plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'executepostdatacg7free' function in all versions up to, and including, 5.0.9. This makes it possible for unauthenticated attackers to toggle site...
WordPress CF7 Google Sheets Connector Plugin <= 5.0.9 is vulnerable to Broken Access Control
Software CF7 Google Sheets Connector Type Plugin Vulnerable versions = 5.0.9 Fixed in 5.0.10 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5654 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 90b82cd51794 Credits 1337Wannabe...
Debian: Security Advisory (DSA-5654-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-5654
creationtimestamp| type| source ---|---|--- 2023-10-19 19:31:53+00:00| seen| https://t.me/cibsecurity/72575...
4help-app-shared (>=1.0.21 <=1.0.26), 4help-shared (>=1.0.2 <=1.0.20) +3205 more potentially affected by CVE-2023-5654 via react-devtools-core (>=1.0.6 <=4.28.0)
react-devtools-core NPM version =1.0.6, =1.0.21, =1.0.2, =0.0.1, =1.0.0, =0.0.1, =0.0.1, =1.0.22, =0.0.12, =1.2.0, =1.0.4, =0.0.1, =0.0.6 and more Source cves: CVE-2023-5654 Source advisory: OSV:GHSA-RXRC-RGV4-JPVX...
CVE-2023-5654
The React Developer Tools extension registers a message listener with window.addEventListener'message', in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received message via fetch. The URL is not...
CVE-2023-5654
The React Developer Tools extension registers a message listener with window.addEventListener'message', in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received message via fetch. The URL is not...
CVE-2023-5654
The CVE-2023-5654 issue affects the React Developer Tools extension and is caused by a content-script listener registered with window.addEventListener('message', …) that fetches a URL derived from a received message without validating/sanitising it. This allows a malicious page to trigger the vic...
Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5654-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5654-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...