Linux Distros Unpatched Vulnerability : CVE-2025-49847

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attackersupplied GGUF model vocabulary can trigger a buffer overflow in...

ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.10), ai.h2o:h2o-algos (>=3.0.0.5 <=3.46.0.10) +44 more potentially affected by CVE-2025-5662 via ai.h2o:h2o-core (>=3.0.0.12 <=3.46.0.7)

ai.h2o:h2o-core MAVEN version =3.0.0.12, =3.34.0.1, =3.0.0.5, =3.0.0.5, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.10 and more Source cves: CVE-2025-5662 Source advisory: SNYK:JAVA-AIH2O-12485437...

MINI-HH4M-5662-JVFM

Bulletin has no description...

CVE-2020-5662

Reflected cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated attackers to inject arbitrary script via unspecified vectors...

Linux Distros Unpatched Vulnerability : CVE-2017-5662

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG file...

Linux Distros Unpatched Vulnerability : CVE-2012-5662

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x3270 before 3.3.12ga12 does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509...

CVE-2024-5662 Ultimate Post Kit Addons For Elementor – (Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud) <= 3.11.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Social Count (Static) Widget

The Ultimate Post Kit Addons For Elementor – Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the Social Count Static widget in all versions up to, and...

RHEL 7 : batik (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - batik: XML external entity processing vulnerability CVE-2017-5662 - batik: information disclosure when...

RHEL 6 : batik (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - batik: XML external entity processing vulnerability CVE-2017-5662 - batik: information disclosure when...

RHEL 7 : batik (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - batik: XML external entity processing vulnerability CVE-2017-5662 - batik: information disclosure when...

WordPress Sponsors Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS)

Software Sponsors Type Plugin Vulnerable versions = 3.5.0 Fixed in 3.5.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5662 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9bf22e6aa8b3 Credits István Márton Required privileg...

CVE-2023-5662 Sponsors <= 3.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Sponsors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sponsors' shortcode in all versions up to, and including, 3.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacke...

CVE-2023-5662

CVE-2023-5662 affects the WordPress Sponsors plugin, vulnerable in all versions up to and including 3.5.0 due to insufficient input sanitization and output escaping on the plugin’s sponsors shortcode. Impact is stored XSS that authenticated users with contributor-level or higher can inject, poten...

Ubuntu 16.04 ESM / 18.04 ESM : Oniguruma vulnerabilities (USN-5662-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5662-1 advisory. It was discovered that Oniguruma incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial...

Security Bulletin: Vulnerabilities found in batik-all-1.7.jar, batik-dom-1.7.jar which is shipped with IBM® Intelligent Operations Center(CVE-2018-8013, CVE-2017-5662, CVE-2015-0250)

Summary Multiple vulnerabilities have been identified in batik-all-1.7.jar, batik-dom-1.7.jar which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs...

Security Bulletin: The IBM® Engineering System Design Rhapsody products on IBM Jazz Technology contains additional security fixes for CVE-2015-0250, CVE-2018-8013, CVE-2017-5662 batik-dom-1.7.jar (Publicly disclosed vulnerability found by WhiteSource)

Summary The IBM® Engineering System Design Rhapsody 9.0.1 iFix005 contains fix for CVE-2015-0250, CVE-2018-8013, CVE-2017-5662 batik-dom-1.7.jar which is identified as a vulnerability during OSS scan. This version contains upgraded vresion of batik-dom to batik-dom-1.16.jar Vulnerability Details...

Ubuntu: Security Advisory (USN-5662-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple Vulnerabilities discovered in libraries used by TCRtoolkit in ITNM

Summary Multiple vulnerabilities CVE-2009-4521; CVE-2015-0250; CVE-2017-5662; CVE-2018-8013; CVE-2019-17566; CVE-2020-11987; CVE-2009-4269; CVE-2009-4521; CVE-2009-4521; CVE-2009-4521; CVE-2009-4521; CVE-2009-4521; CVE-2021-41033 found in TCRtoolkit component present in IBM Tivoli Network Manager...

Security Bulletin:IBM TRIRIGA Application Platform discloses CVE-20215-0250

Summary IBM TRIRIGA Application Platform discloses CVE-2015-0250 Vulnerability Details CVEID:CVE-2015-0250 DESCRIPTION: Apache Batik could allow a remote attacker to obtain sensitive information. By persuading a victim to open a specially-crafted SVG file, an attacker could exploit this...

COMMAX Smart Home IoT Control System CDP-1020n - SQL Injection Authentication Bypass Vulnerability

Exploit Title: COMMAX Smart Home IoT Control System CDP-1020n - SQL Injection Authentication Bypass Exploit Author: LiquidWorm Vendor Homepage: https://www.commax.com COMMAX Smart Home IoT Control System CDP-1020n SQL Injection Authentication Bypass Vendor: COMMAX Co., Ltd. Prodcut web page:...