116 matches found
MINI-M5F6-G2JQ-5664
Bulletin has no description...
MiracleLinux 7 : tomcat-7.0.69-12.el7 (AXSA:2017-1748:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1748:02 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Ja...
CVE-2025-5664
creationtimestamp | type | source
---|---|---
2025-06-05 15:01:09+00:00 | published-proof-of-concept | Telegram/Zv-pdrcTYlIiMzVhdVtgLNi1tORwiJJY7nTtoW4bJRg7PA...
CVE-2024-5664
The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute within the plugin's sonaar_audioplayer shortcode in all versions up to, and including, 5.5 due to insufficient input sanitization and outpu...
CVE-2023-5664
The Garden Gnome Package plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ggpkg' shortcode in all versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
CVE-2020-5664
Deserialization of untrusted data vulnerability in XooNIps 3.49 and earlier allows remote attackers to execute arbitrary code via unspecified vectors...
Qnap QTS Cross-site Scripting (CVE-2015-5664)
Cross-site scripting (XSS) vulnerability in File Station in QNAP QTS before 4.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
CVE-2024-5664
creationtimestamp | type | source
---|---|---
2024-07-10 10:54:44+00:00 | seen | https://t.me/cvedetector/526...
CVE-2024-5664 MP3 Audio Player for Music, Radio & Podcast by Sonaar <= 5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via sonaar_audioplayer Shortcode
The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute within the plugin's sonaar_audioplayer shortcode in all versions up to, and including, 5.5 due to insufficient input sanitization and outpu...
WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar Plugin <= 5.5 is vulnerable to Cross Site Scripting (XSS)
Software: MP3 Audio Player for Music, Radio & Podcast by Sonaar; Type: Plugin; Vulnerable versions: <= 5.5; Fixed in: 5.6; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-5664; Patch priority: Low; CVSS severity: Low 6.5; PSID: 61d58242086...
Apache Tomcat 9.0.0.M1 < 9.0.0.M21
The version of Tomcat installed on the remote host is prior to 9.0.0.M21. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_9.0.0.m21_security-9 advisory. - The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an err...
Apache Tomcat 7.0.0 < 7.0.78
The version of Tomcat installed on the remote host is prior to 7.0.78. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_7.0.78_security-7 advisory. - The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error pag...
Debian: Security Advisory (DSA-5664-1)
The remote host is missing an update for the Debian...
CVE-2023-5664
CVE-2023-5664 applies to Garden Gnome Package for WordPress. Stored XSS via the ggpkg shortcode affects all versions up to 2.2.8 due to insufficient input sanitization and output escaping on shortcode attributes. The vulnerability permits authenticated users with contributor-level permissions or ...
WordPress Garden Gnome Package Plugin <= 2.2.8 is vulnerable to Cross Site Scripting (XSS)
Software: Garden Gnome Package; Type: Plugin; Vulnerable versions: <= 2.2.8; Fixed in: 2.2.9; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-5664; Patch priority: Low; CVSS severity: Low 6.5; PSID: 790dcd0a5adc; Credits: Lana Codes; Required...
COMMAX UMS Client ActiveX Control 1.7.0.2 - (CNC_Ctrl.dll) Heap Buffer Overflow Vulnerability
Exploit Title: COMMAX UMS Client ActiveX Control 1.7.0.2 - 'CNC_Ctrl.dll' Heap Buffer Overflow Exploit Author: LiquidWorm Vendor Homepage: https://www.commax.com COMMAX UMS Client ActiveX Control 1.7.0.2 CNC_Ctrl.dll Heap Buffer Overflow Vendor: COMMAX Co., Ltd. Product web page:...
COMMAX UMS Client ActiveX Control 1.7.0.2 - 'CNC_Ctrl.dll' Heap Buffer Overflow
Exploit Title: COMMAX UMS Client ActiveX Control 1.7.0.2 - 'CNC_Ctrl.dll' Heap Buffer Overflow Date: 02.08.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.commax.com COMMAX UMS Client ActiveX Control 1.7.0.2 CNC_Ctrl.dll Heap Buffer Overflow Vendor: COMMAX Co., Ltd. Product web page:...
COMMAX UMS Client ActiveX Control 1.7.0.2 Buffer Overflow
COMMAX UMS Client ActiveX Control 1.7.0.2 CNC_Ctrl.dll Heap Buffer Overflow Vendor: COMMAX Co., Ltd. Product web page: https://www.commax.com Affected version: 1.7.0.2 Summary: COMMAX activex web viewer UMS client 32bit for COMMAX DVR/NVR. Desc: The vulnerability is caused due to a boundary error ...
COMMAX UMS Client ActiveX Control 1.7.0.2 (CNC_Ctrl.dll) Heap Buffer Overflow
Summary COMMAX activex web viewer client 32bit for COMMAX DVR/NVR. Description The vulnerability is caused due to a boundary error in the processing of user input, which can be exploited to cause a heap based buffer overflow when a user inserts overly long array of string bytes through several...
SUSE: Security Advisory (SUSE-SU-2018:1847-1)
The remote host is missing an update for the...