CGA-5767-PFQJ-2JQW

Bulletin has no description...

CVE-2026-5767

creationtimestamp| type| source ---|---|--- 2026-04-25 12:33:05+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mkd2eoas5o2l...

MiracleLinux 7 : php-5.4.16-42.el7 (AXSA:2016-1118:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-1118:03 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers...

CVE-2025-5767

creationtimestamp| type| source ---|---|--- 2025-07-18 08:52:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lua2zy2owk2j...

CVE-2025-5767 Crowdfunding for WooCommerce <= 3.1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter

The Crowdfunding for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 3.1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress Crowdfunding for WooCommerce plugin <= 3.1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via width Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Crowdfunding for WooCommerce versions = 3.1.14...

CVE-2024-5767

The sitetweet WordPress plugin through 0.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

CVE-2020-5767

Cross-site request forgery in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote attacker to send forged emails by tricking legitimate users into clicking a crafted link...

Linux Distros Unpatched Vulnerability : CVE-2016-5767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library aka libgd before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23,...

CVE-2024-5767 Sitetweet <= 0.2 - Stored XSS via CSRF

The sitetweet WordPress plugin through 0.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

CVE-2024-5767 Sitetweet <= 0.2 - Stored XSS via CSRF

The sitetweet WordPress plugin through 0.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

WordPress sitetweet Plugin <= 0.2 is vulnerable to Cross Site Scripting (XSS)

Software sitetweet Type Plugin Vulnerable versions = 0.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5767 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c48f5eb9dccc Credits WPscan Required privilege...

CGA-5767-P48P-6X9V

Bulletin has no description...

RHEL 5 : gd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gd: Double free in the gdImagePtr in gdgifout.c, gdjpeg.c, and gdwbmp.c CVE-2019-6978 - The...

CVE-2023-5767

creationtimestamp| type| source ---|---|--- 2023-12-23 09:41:50+00:00| seen| https://t.me/ctinow/158747 2025-05-08 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-128-02...

CVE-2023-5767

CVE-2023-5767 affects Hitachi Energy RTU500 series CMU firmware webserver. The vulnerability arises from improper sanitization of an RDT language file, enabling cross-site scripting on the webserver. Documented impact includes cross-site scripting risk with medium severity (CVSS ~6.0–6.1) and net...

Oracle Linux 7 : kubernetes (ELSA-2020-5767)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5767 advisory. - CVE-2020-8559: Privilege escalation from compromised node to cluster Tenable has extracted the preceding description block directly from the Oracle...

Ubuntu 18.04 LTS : Python vulnerability (USN-5767-3)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5767-3 advisory. USN-5767-1 fixed vulnerabilities in Python. This update fixes the problem for Ubuntu 18.04 LTS. Tenable has extracted the preceding description block directly fro...

Ubuntu 16.04 ESM : Python vulnerability (USN-5767-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5767-2 advisory. USN-5767-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted the...

AlmaLinux 9 : firefox (ALSA-2022:5767)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:5767 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...