CVE-2026-5740

creationtimestamp| type| source ---|---|--- 2026-05-22 12:45:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmgxnwxwvc2p...

CVE-2026-5740

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to properly validate msgpack-encoded WebSocket frames before memory allocation which allows an unauthenticated remote attacker to crash the server process and cause a full service outage for all users v...

MiracleLinux 7 : bind-9.9.4-61.1.0.1.el7.AXS7 (AXSA:2018-3317:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3317:03 advisory. bind: processing of certain records when deny-answer-aliases is in use may trigger an assert leading to a denial of service CVE-2018-5740 Tenable has extract...

CVE-2025-5740

CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause arbitrary file writes when an authenticated user on the web server manipulates file path...

CVE-2025-5740

CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause arbitrary file writes when an authenticated user on the web server manipulates file path...

CVE-2025-5740

CVE-2025-5740 describes a CWE-22 path traversal in Schneider Electric EVLink WallBox (home charging station). Affected component is the web server handling file paths; root cause is improper limitation of a pathname to a restricted directory. The vulnerability could allow an authenticated user to...

CVE-2025-5740

CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause arbitrary file writes when an authenticated user on the web server manipulates file path...

CVE-2025-5740

CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause arbitrary file writes when an authenticated user on the web server manipulates file path...

CVE-2020-5740

Improper Input Validation in Plex Media Server on Windows allows a local, unauthenticated attacker to execute arbitrary Python code with SYSTEM privileges...

CVE-2013-5740

Unspecified vulnerability in the Intel Trusted Execution Technology TXT SINIT Authenticated Code Modules ACM before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment MLE...

Linux Distros Unpatched Vulnerability : CVE-2018-5740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - deny-answer-aliases is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of...

WordPress NinjaTeam Live Chat (Messenger API) Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software NinjaTeam Live Chat Messenger API Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5740 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 05ea165d1ff8 Credits Lana Codes...

CVE-2023-5740

creationtimestamp| type| source ---|---|--- 2023-10-25 22:45:26+00:00| seen| https://t.me/cibsecurity/72854...

CVE-2023-5740

CVE-2023-5740 corresponds to a Stored XSS in the WordPress Live Chat with Facebook Messenger plugin. The vulnerability affects all versions up to 1.0 and arises from insufficient input sanitization and output escaping of shortcode attributes in the messenger shortcode. Exploitation requires attac...

CVE-2023-5740 Live Chat with Facebook Messenger <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Live Chat with Facebook Messenger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'messenger' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

CVE-2023-5740

The Live Chat with Facebook Messenger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'messenger' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

BELL-CVE-2018-5740 CVE-2018-5740 does not affect BellSoft software

Bulletin has no description...

K98528405: BIG-IP BIND vulnerability CVE-2018-5740

Security Advisory Description A flaw in the "deny-answer-aliases" feature can cause an INSIST assertion failure in named. CVE-2018-5740 Impact A flaw in a rarely used BIND feature can cause an assertion failure in named. As a result, the bind process restarts. Security Advisory Status F5 Product...

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x traceroute.php Conditional Command Injection

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x traceroute.php Conditional Command Injection Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Puls...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : X.Org X Server vulnerabilities (USN-5740-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5740-1 advisory. It was discovered that X.Org X Server incorrectly handled certain inputs. An attacker could use these issues to cause...