ECHO-5670-7B93-1B85

Bulletin has no description...

CVE-2026-5670

creationtimestamp| type| source ---|---|--- 2026-04-06 18:48:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mitwivu5rp2o...

CVE-2026-5670 Cyber-III Student-Management-System upload.php move_uploaded_file unrestricted upload

A vulnerability was found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This issue affects the function moveuploadedfile of the file /AssignmentSection/submission/upload.php. Performing a manipulation of the argument File results in unrestricted upload. Th...

CVE-2026-5670 Cyber-III Student-Management-System upload.php move_uploaded_file unrestricted upload

A vulnerability was found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This issue affects the function moveuploadedfile of the file /AssignmentSection/submission/upload.php. Performing a manipulation of the argument File results in unrestricted upload. Th...

CVE-2025-5670

CVE-2025-5670 affects PHPGurukul Medical Card Generation System 1.0. Multiple sources confirm a SQL injection in the /admin/manage-card.php file via the ID parameter, enabling remote exploitation and potentially data exfiltration. No patch/version fix details are provided in the supplied document...

CVE-2013-5670

Cross-site scripting XSS vulnerability in spell-check-savedicts.php in the htmlarea SpellChecker module, as used in Serendipity before 1.7.3 and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the torlist parameter...

CVE-2024-5670

creationtimestamp| type| source ---|---|--- 2024-07-29 06:15:20+00:00| seen| https://t.me/cvedetector/1797 2024-07-31 10:57:47+00:00| published-proof-of-concept| https://t.me/HackingInsights/8021 2024-07-31 17:34:43+00:00| seen| https://t.me/CyberBulletin/230 2024-07-31 17:44:52+00:00| seen|...

CVE-2024-5670 Softnext Mail SQR Expert and Mail Archiving Expert - OS Command Injection

The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server...

CVE-2024-5670 Softnext Mail SQR Expert and Mail Archiving Expert - OS Command Injection

The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server...

Security Bulletin: Vulnerabilities affect NVIDIA GPU Display Drivers for Linux and Windows

Summary NVIDIA has released an update to address the following vulnerabilities in GPU Display Drivers for Linux and Windows. Vulnerability Details CVEID: CVE-2018-6260 DESCRIPTION: NVIDIA graphics driver could allow a local authenticated attacker to obtain sensitive information, caused by a flaw ...

SUSE CVE-2012-5670

The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service out-of-bounds write and crash via vectors related to BDF fonts and an ENCODING field with a negative value...

USN-5670-1 dotnet6 vulnerability

Edward Thomson discovered that .NET 6 incorrectly handled permissions for local NuGet cache. A local attacker could possibly use this issue to execute arbitrary code...

Ubuntu 22.04 LTS : .NET 6 vulnerability (USN-5670-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5670-1 advisory. Edward Thomson discovered that .NET 6 incorrectly handled permissions for local NuGet cache. A local attacker could possibly use this issue to execute arbitrary...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5670)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5670 advisory. - brcmfmac: add subtype check for event handling in data path John Donnelly Orabug: 30776354 CVE-2019-9503 - mwifiex: pcie: Fix memory leak in...

CVE-2019-5670

CVE-2019-5670 affects NVIDIA GeForce Windows GPU Display Driver. A flaw in the kernel-mode DxgkDdiEscape handler uses an incorrect length when reading/writing a buffer, causing out-of-bounds access and potential local escalation of privileges, code execution, denial of service, or information dis...

CVE-2018-5670

An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php saleconditionscount parameter...

CVE-2018-5670

CVE-2018-5670 affects the WordPress booking-calendar plugin up to version 2.1.7. The issue is an XSS in wp-admin/admin.php via the sale_conditions[count][] parameter, as reported across sources (NVD, CNVD, CVE listings). Some records describe this as an authenticated stored XSS with CSRF (WPVulnd...

CVE-2017-5670

Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program not shred or srm, which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks...

CVE-2017-5670

CVE-2017-5670 affects Riverbed RiOS up to 9.6.0. The issue is insecure cryptographic storage: the secure vault used for server TLS certificates can be deleted with the rm program (not shred/srm), enabling a physically proximate attacker to read raw disk blocks and potentially recover private keys...

Riverbed RiOS Insecure Cryptographic Storage

Riverbed RiOS insecure cryptographic storage CVE-2017-5670 Description Riverbed Steelhead hardware appliances are used to optimize and accelerate network traffic. There can be implemented as TLS endpoints, so they have a secure vault aimed to store private TLS certificates for servers. The secure...