CVE-2026-5815

A vulnerability was detected in D-Link DIR-645 1.01/1.02/1.03. Impacted is the function hedwigcgimain of the file /cgi-bin/hedwig.cgi. The manipulation results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. This vulnerability only...

CVE-2025-5815

The Traffic Monitor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tfcmmaybesetbotflags function in all versions up to, and including, 3.2.2. This makes it possible for unauthenticated attackers to disabled bot logging...

WordPress Traffic Monitor plugin <= 3.2.2 - Missing Authorization to Unauthenticated Settings Update vulnerability

Missing Authorization to Unauthenticated Settings Update vulnerability discovered by ch4r0n in WordPress Plugin Traffic Monitor versions = 3.2.2...

CVE-2025-5815

creationtimestamp| type| source ---|---|--- 2025-06-13 04:34:38+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18260 2025-06-13 05:40:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrhpyp34f723 2025-06-13 15:00:06+00:00| published-proof-of-concept|...

CVE-2024-5815

A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. A mitigating factor is that the attacker would have to be a trusted GitHub Enterprise Server user, and the victim would have to visit...

CVE-2023-5815

The News & Blog Designer Pack – WordPress Blog Plugin — Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post Ticker, Blog Post Masonry plugin for WordPress is vulnerable to Remote Code Execution via Local File Inclusion in all versions up to, and including, 3.4.1 via the bdpgetmorepost...

CVE-2020-11518

Zoho ManageEngine ADSelfService Plus before 5815 allows unauthenticated remote code execution...

Schneider Electric IONXXXX Series Power Meter Improper Access Control (CVE-2016-5815)

An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. No authentication is configured by default. An unauthorized user can access the device management portal and make...

Debian: Security Advisory (DSA-5815-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Rocky Linux 9 : nodejs:20 (RLSA-2024:5815)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5815 advisory. nodejs: Bypass network import restriction via data URL CVE-2024-22020 nodejs: fs.lstat bypasses permission model CVE-2024-22018 nodejs: fs.fchown/fchmod...

Oracle Linux 9 : nodejs:20 (ELSA-2024-5815)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5815 advisory. nodejs 1:20.16.0-1 - Update to 20.16.0 Fixes: CVE-2024-36137 CVE-2024-22018 CVE-2024-22020 nodejs-nodemon nodejs-packaging Tenable has extracted the...

AlmaLinux 9 : nodejs:20 (ALSA-2024:5815)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5815 advisory. nodejs: Bypass network import restriction via data URL CVE-2024-22020 nodejs: fs.lstat bypasses permission model CVE-2024-22018 nodejs: fs.fchown/fchmod...

CVE-2024-5815

creationtimestamp| type| source ---|---|--- 2024-07-17 00:39:27+00:00| seen| https://t.me/cvedetector/1022...

CVE-2024-5815 Cross Site Request Forgery was identified in GitHub Enterprise Server that allowed write in a user owned repository

A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. A mitigating factor is that the attacker would have to be a trusted GitHub Enterprise Server user, and the victim would have to visit...

CVE-2024-5815 Cross Site Request Forgery was identified in GitHub Enterprise Server that allowed write in a user owned repository

A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. A mitigating factor is that the attacker would have to be a trusted GitHub Enterprise Server user, and the victim would have to visit...

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 - Device Config Disclosure

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.999 Revision 1243 1.317 Revision 602 1.220 Revision 1250 1.220 Revision 12481249 1.220 Revision 597 1.217 Revision 1242 1.214 Revision 1023 1.193 Revisi...

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Insecure Direct Object Reference Vulnerability

Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an unauthenticated device configuration and client-side hidden functionality disclosure vulnerability. Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber....

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Insecure Direct Object Reference

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.999 Revision 1243 1.317 Revision 602 1.220 Revision 1250 1.220 Revision 12481249 1.220 Revision 597 1.217 Revision 1242 1.214 Revision 1023 1.193 Revisi...

CVE-2019-5815

creationtimestamp| type| source ---|---|--- 2024-03-10 09:11:29+00:00| seen| https://t.me/ctinow/204153...

CVE-2023-5815

The News & Blog Designer Pack WordPress plugin (