76 matches found
CVE-2026-5684
| creationtimestamp | type | source |
|---|---|---|
| 2026-04-06 23:13:55+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3miufd3cc6e2q |
| 2026-04-06 23:22:19+00:00 | seen | Telegram/F-tbnQCu7KGoJ0u4OEM4TknejxA1jNnRqA-1uSHs9aPRtPw |
| 2026-05-01 12:07:07+00:00 | seen | ... |
CVE-2026-5684
A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack requires access to the local...
CVE-2025-5684 MetForm <= 4.0.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via `mf-template` DOM Element
The MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the mf-template DOM Element in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping. This makes it...
WordPress MetForm plugin <= 4.0.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via `mf-template` DOM Element vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via mf-template DOM Element vulnerability discovered by Asaf Mozes in WordPress Plugin Metform versions <= 4.0.1...
CVE-2024-5684
An attacker with access to the private network the charger is connected to or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would...
CVE-2023-5684
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231012. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /importexport.php. The manipulation leads to os command injection. The attack can be launched remotely. The...
CVE-2020-5684
iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager Express do not verify a server certificate properly, which allows a man-in-the-middle attacker to eavesdrop on an encrypted communication or alter the communication via a crafted certificate...
CVE-2015-5684
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A buffer overflow vulnerability was reported, fixed and publicly disclosed in 2015 in the Lenovo Service Engine (LSE), affecting various versions of BIOS for Lenovo Notebooks, that could allow a remote user to execu...
CVE-2024-5684 ID Charger Connect & Pro - JWT-Null-Algorithm
An attacker with access to the private network the charger is connected to or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would...
CVE-2024-5684
CVE-2024-5684 affects Volkswagen Group ID Charger Connect & Pro. A faulty JWT-library implementation can allow a local/adjacent attacker to bypass password authentication on the web configuration interface and gain full user access. If the library accepts a "+none" algorithm, the JWT may be insec...
CVE-2024-5684 ID Charger Connect & Pro - JWT-Null-Algorithm
An attacker with access to the private network the charger is connected to or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would...
CGA-R2PQ-VQJR-5684
Bulletin has no description...
CVE-2023-5684
| creationtimestamp | type | source |
|---|---|---|
| 2023-10-21 12:35:51+00:00 | seen | https://t.me/cibsecurity/72729 |

...
CVE-2023-5684
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231012. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /importexport.php. The manipulation leads to os command injection. The attack can be launched remotely. The...
CVE-2023-5684
CVE-2023-5684 affects Byzoro Smart S85F Management Platform (and related Beijing Baichuo variant) up to version 20231012. Affects an unknown functionality in /importexport.php, where manipulation leads to OS command injection. Impact is execution of commands with remote access; exploitation is po...
CVE-2023-5684 Byzoro Smart S85F Management Platform importexport.php os command injection
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231012. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /importexport.php. The manipulation leads to os command injection. The attack can be launched remotely. The...
CVE-2023-5684 Byzoro Smart S85F Management Platform importexport.php os command injection
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231012. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /importexport.php. The manipulation leads to os command injection. The attack can be launched remotely. The...
AlmaLinux 9 : galera and mariadb (ALSA-2023:5684)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5684 advisory. - MariaDB v10.4 to v10.7 was discovered to contain a use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc...
RHEL 9 : galera and mariadb (RHSA-2023:5684)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5684 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded ...
Ubuntu 16.04 ESM : Linux kernel (Azure) vulnerabilities (USN-5684-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5684-1 advisory. It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of an RPC message payload. A...