51 matches found
ECHO-93C5-5788-8DA1
Bulletin has no description...
CVE-2026-5788
An Improper Access Control in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to invoke arbitrary methods...
CVE-2025-5788
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...
CVE-2025-5788
creationtimestamp | type | source
---|---|---
2025-06-06 17:43:02+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114637654030045633
2025-06-06 19:28:16+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lqxkxp6dvd2e...
CVE-2025-5788 TOTOLINK X15 HTTP POST Request formReflashClientTbl buffer overflow
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...
CVE-2020-5788
Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attacker to delete arbitrary files on disk via the admin/system/admin/certificates/delete action...
Debian: Security Advisory (DSA-5788-1)
The remote host is missing an update for the Debian...
CVE-2024-5788 Silesia <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Shortcode
The Silesia theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’ attribute within the theme's Button shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
WordPress Silesia Theme <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)
Software: Silesia; Type: Theme; Vulnerable versions: <= 1.0.6; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-5788; Patch priority: Low; CVSS severity: Low (6.5); PSID: 0a70857ded97; Credits: Francesco Carlucci; Required privile...
RoyalTSX 6.0.1 - RTSZ File Handling Heap Memory Corruption PoC
RoyalTSX 6.0.1 RTSZ File Handling Heap Memory Corruption PoC Vendor: Royal Apps GmbH Web page: https://www.royalapps.com Affected version: 6.0.1.1000 macOS Summary: Royal TS is an ideal tool for system engineers and other IT professionals who need remote access to systems with different protocols...
RHEL 8 : python-reportlab (RHSA-2023:5788)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5788 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : curl vulnerabilities (USN-5788-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5788-1 advisory. Hiroki Kurosawa discovered that curl incorrectly handled HSTS support when certain hostnames included IDN characters. A remote...
CVE-2020-5788
CVE-2020-5788 affects Teltonika firmware TRB2_R_00.02.04.3 where a relative path traversal in the admin/certificates/delete action allows a remote, authenticated attacker to delete arbitrary files on disk. Root cause: insufficient validation/sanitization of file paths in the delete endpoint. Impa...
CVE-2019-5788
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page...
CVE-2019-5788
CVE-2019-5788 affects Chromium-based Chrome/Chromium before 73.0.3683.75. The sources describe use-after-free in the FileAPI component (and related issues in Blink Storage) triggered by crafted HTML, with an integer overflow contributing to exploitation. The Debian Arch Linux advisories confirm t...
Google Chrome Use After Free Denial Of Service (CVE-2019-5788; CVE-2019-5789)
Multiple use-after-free vulnerabilities exist in Google Chrome. Successful exploitation of these vulnerabilities could allow a remote attacker to create a denial of service condition on the affected system...
Important: Red Hat Security Advisory: chromium-browser security update
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Debian: Security Advisory (DSA-4421-1)
The remote host is missing an update for the Debian...
openSUSE: Security Advisory for chromium (openSUSE-SU-2019:1062-1)
The remote host is missing an update for the...
openSUSE Security Update : chromium (openSUSE-2019-1062)
This update for chromium to version 73.0.3683.75 fixes the following issues:
Security issues fixed (bsc1129059):
- CVE-2019-5787: Fixed a use after free in Canvas.
- CVE-2019-5788: Fixed a use after free in FileAPI.
- CVE-2019-5789: Fixed a use after free in WebMIDI.
- CVE-2019-5790: Fixed a heap...