CLSA-2025-1761901881 Fix CVE(s): CVE-2023-5764

SECURITY UPDATE: template injection allows code injection through specially crafted files - debian/patches/CVE-2023-5764.patch: avoid evaluate unsafe conditions - debian/patches/CVE-2023-5764-ext-tests.patch: addional tests - CVE-2023-5764...

CVE-2023-5764

creationtimestamp| type| source ---|---|--- 2025-08-30 08:22:56+00:00| seen| Telegram/dUlaSIsUWUiqiseKOPit5pxMhUG0DydGzU1OdGJljXTSUo...

TencentOS Server 4: ansible (TSSA-2024:0976)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0976 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVE-2025-5764

A vulnerability was found in code-projects Laundry System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /data/insertlaundry.php. The manipulation of the argument Customer leads to cross site scripting. The attack may be launched remotely. The...

CVE-2025-5764

A vulnerability was found in code-projects Laundry System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /data/insertlaundry.php. The manipulation of the argument Customer leads to cross site scripting. The attack may be launched remotely. The...

CVE-2025-5764

CVE-2025-5764 concerns code-projects Laundry System 1.0. The vulnerability is a cross-site scripting (XSS) flaw in the /data/insert_laundry.php file, triggered by manipulating the Customer parameter. Attackers may exploit this remotely, and the exploit has been publicly disclosed. Public document...

CVE-2025-5764 code-projects Laundry System insert_laundry.php cross site scripting

A vulnerability was found in code-projects Laundry System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /data/insertlaundry.php. The manipulation of the argument Customer leads to cross site scripting. The attack may be launched remotely. The...

Security Bulletin: There are multiple vulnerabilities that can affect IBM Fusion HCI and IBM Fusion HCI for watsonx

Summary Multiple vulnerabilities affecting IBM Fusion HCI and IBM Fusion HCI for watsonx could have resulted in reduced security. These issues have since been resolved. CVE-2023-5115, CVE-2023-5764, CVE-2024-9902, CVE-2024-8775, CVE-2024-11079, CVE-2024-9506, CVE-2024-43799, CVE-2024-6119,...

CVE-2020-5764

MX Player Android App versions prior to v1.24.5, are vulnerable to a directory traversal vulnerability when user is using the MX Transfer feature in "Receive" mode. An attacker can exploit this by connecting to the MX Transfer session as a "sender" and sending a MessageType of "FILELIST" with a...

OESA-2025-1394 ansible security update

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

OESA-2025-1393 ansible security update

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

OESA-2025-1391 ansible security update

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

Security Bulletin: IBM Cloud Pak for Network Automation 2.6.5 fixes multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.6.5 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2002-0080 DESCRIPTION: rsync could allow a remote attacker to gain elevated privileges on the system. rsync fails to drop privileges for...

Linux Distros Unpatched Vulnerability : CVE-2018-5764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The parsearguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass ...

Ubuntu: Security Advisory (USN-6846-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Azure Linux 3.0 Security Update: ansible (CVE-2023-5764)

The version of ansible installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5764 advisory. - A template injection flaw was found in Ansible where a user's controller internal templating operations May...

Advisory ROSA-SA-2025-2553

Software: rsync 3.1.2 OS: rosa-server79 packageevrstring: rsync-3.1.2-12.0.1.res7 CVE-ID: CVE-2017-16548 BDU-ID: 2021-01395 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the receivexattr function in xattrs.c of the Rsync file transfer and synchronization utility is related to the lack of a check f...

Security Bulletin: IBM Fusion HCI Installer is vulnerable to arbitrary code execution, gaining of elevated privileges, obtaining sensitive information, and denial of service due to various Python packages

Summary The IBM Fusion Installer is affected by vulnerabilities in Ansible and Python packages dnspython, requests, certifi and idna. Vulnerabilities include arbitrary code execution, gaining of elevated privileges, obtaining sensitive information, and denial of service. CVE-2023-5764,...

USN-6846-2 ansible regression

USN-6846-1 fixed vulnerabilities in ansible. The update introduced a regression in ansible. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Ansible incorrectly handled certain inputs when using towercallback parameter. If a user...

CVE-2024-5764

creationtimestamp| type| source ---|---|--- 2024-10-23 18:13:29+00:00| seen| https://t.me/cvedetector/8696 2024-11-14 20:10:20+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/9036 2025-01-12 17:06:34+00:00| seen| https://bsky.app/profile/buherator.bsky.social/post/3lfkpgsva2m2h...