CVE-2021-22332

There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious...

CVE-2021-22328

There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800...

CVE-2021-22362

There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions...

EUVD-2017-5800

Malware in sbrugna...

EUVD-2017-17119

Malware in sbrugna...

EUVD-2021-26332

Malware in sbrugna...

EUVD-2021-27232

Malware in sbrugna...

EUVD-2016-6757

Malware in sbrugna...

EUVD-2025-5800

Malicious code in bioql PyPI...

CVE-2025-5800 Testimonial Post type <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via auto_play Parameter

The Testimonial Post type plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘autoplay’ parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...

WordPress Testimonial Post type plugin <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via auto_play Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via autoplay Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Testimonial Post type versions = 1.2.1...

CVE-2021-39976

There is a privilege escalation vulnerability in CloudEngine 5800 V200R020C00SPC600. Due to lack of privilege restrictions, an authenticated local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege...

CVE-2021-22393

There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of...

CVE-2020-5800

The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access to...

Linux Distros Unpatched Vulnerability : CVE-2018-5800

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An off-by-one error within the LibRaw::kodakycbcrloadraw function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.7 can be exploited to cause a...

CVE-2024-5800

Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication...

AXIS OS RCE Vulnerability (Feb 2024)

AXIS OS is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:axis:axisos"; if...

TEM Opera Plus FM Family Transmitter 35.45 - XSRF Vulnerability

CSRF Change Forward Power: -------------------------...

CVE-2023-5800

creationtimestamp| type| source ---|---|--- 2024-02-05 07:26:43+00:00| seen| https://t.me/ctinow/178987 2024-02-25 16:46:32+00:00| seen| https://t.me/ctinow/192933...

CVE-2023-5800

Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API createoverlay.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service...