101 matches found
CVE-2026-5814
A security vulnerability has been detected in PHPGurukul Online Course Registration 3.1. This issue affects some unknown processing of the file /admin/checkavailability.php. The manipulation of the argument regno leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2026-5814
| creationtimestamp | type | source |
|---|---|---|
| 2026-04-09 00:05:22+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mizj4vtmff2n |
| 2026-04-09 01:28:16+00:00 | published-proof-of-concept | Telegram/XRvc7f-x7KgmkvO7GcbaizI94C7ZhNHc5jsbe-dfAO5iAWk... |
CVE-2026-5814
CVE-2026-5814 affects PHPGurukul Online Course Registration 3.1. The vulnerability is in the /admin/check_availability.php script, where manipulating the regno parameter leads to SQL injection. Attack vector is NETWORK with LOW attack complexity and no required privileges or user interaction. Rep...
Hewlett Packard Enterprise AutoPass License Server Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 5814 by...
CVE-2025-5814
CVE-2025-5814 affects the WordPress plugin Profiler – What Slowing Down Your WP. The issue is an unauthorized data modification vulnerability caused by a missing capability check in the wpsd_plugin_control() function present in all versions up to and including 1.0.0. This enables unauthenticated ...
Linux Distros Unpatched Vulnerability : CVE-2024-5814
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection...
Azure Linux 3.0 Security Update: mariadb (CVE-2024-5814)
The version of mariadb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5814 advisory. - A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it d...
CBL Mariner 2.0 Security Update: mariadb (CVE-2024-5814)
The version of mariadb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5814 advisory. - A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it d...
Hewlett Packard Enterprise AutoPass License Server Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 5814 by...
Hewlett Packard Enterprise AutoPass License Server XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 58...
Hewlett Packard Enterprise AutoPass License Server SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 58...
Slackware: Security Advisory (SSA:2024-253-01)
The remote host is missing an update for the...
[slackware-security] netatalk
New netatalk packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/netatalk-3.2.8-i586-1slack15.0.txz: Upgraded. Bump bundled WolfSSL library to stable version 5.7.2, GitHub 1433. For more informatio...
Slackware Linux 15.0 / current netatalk Multiple Vulnerabilities (SSA:2024-253-01)
The version of netatalk installed on the remote host is prior to 3.2.8. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-253-01 advisory. New netatalk packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...
SUSE CVE-2024-5814
A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello...
CVE-2024-5814
| creationtimestamp | type | source |
|---|---|---|
| 2024-08-27 22:24:48+00:00 | seen | https://t.me/cvedetector/4271... |
CVE-2024-5814 Unverified Ciphersuite used on a client-side TLS1.3 Downgrade
A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello...
Oracle Linux 8 : nodejs:20 (ELSA-2024-5814)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5814 advisory. nodejs 1:20.16.0-1 - Update to 20.16.0 Fixes: CVE-2024-36137 CVE-2024-22018 CVE-2024-22020 nodejs-nodemon nodejs-packaging Tenable has extracted the...
Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Authentication Bypass
Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.999 Revision 1243 1.317 Revision 602 1.220 Revision 1250 1.220 Revision 12481249 1.220 Revision 597 1.217 Revision 1242 1.214 Revision 1023 1.19...
Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass Vulnerability
Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the setpwd endpoint that enables th...