71 matches found
GitLab 18.10 < 18.10.4 / 18.11 < 18.11.1 (CVE-2026-5816)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.4 and 18.11 before 18.11.1 that could have allowed an unauthenticated user to execute arbitrary JavaScript...
CVE-2025-5816
CVE-2025-5816 affects the WordPress plugin “Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship” (Biteship) up to version 3.2.0. The root cause is an Insecure Direct Object Reference via get_order_detail(), caused by a missing validation on a user-controlled key. This allows aut...
CVE-2024-5816
An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed a suspended GitHub App to retain access to the repository via a scoped user access token. This was only exploitable in public repositories while private repositories were not impacted. This...
CVE-2013-5816
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote attackers to affect availability via unknown vectors related to Metro...
Debian: Security Advisory (DSA-5816-1)
The remote host is missing an update for the Debian...
CVE-2023-5816
creationtimestamp | type | source
---|---|---
2024-10-30 04:59:48+00:00 | seen | https://t.me/cvedetector/9396...
CVE-2023-5816 Code Explorer <= 1.4.5 - Authenticated (Admin+) External File Reading
The Code Explorer plugin for WordPress is vulnerable to arbitrary external file reading in all versions up to, and including, 1.4.5. This is due to the fact that the plugin does not restrict accessing files to those outside of the WordPress instance, though the intention of the plugin is to only...
WordPress Code Explorer Plugin <= 1.4.5 is vulnerable to Directory Traversal
Software: Code Explorer; Type: Plugin; Vulnerable versions: <= 1.4.5; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Directory Traversal; CVE: CVE-2023-5816; Patch priority: Low; CVSS severity: Low (4.9); PSID: 843977a32054; Credits: Dmitrii Ignatyev; Required privilege: Administrato...
CVE-2024-5816
creationtimestamp | type | source
---|---|---
2024-07-17 00:39:20+00:00 | seen | https://t.me/cvedetector/1018...
CVE-2024-5816
CVE-2024-5816 – GitHub Enterprise Server : An Incorrect Authorization flaw allows a suspended GitHub App to retain access to repositories via a scoped user access token. Impact is limited to public repositories; private repos are not affected. Affected: all GitHub Enterprise Server versions prior...
CVE-2024-5816 Improper authorization allows persistent access in GitHub Enterprise Server
An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed a suspended GitHub App to retain access to the repository via a scoped user access token. This was only exploitable in public repositories while private repositories were not impacted. This...
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Authentication Bypass
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass. Vendor: Elber S.r.l. Product web page: https://www.elber.it. Affected version: 1.0.0 Revision 7304, 1.0.0 Revision 7284, 1.0.0 Revision 6505, 1.0.0 Revision 6332, 1.0.0 Revision 6258, XS2DAB v1.50 rev 6267. Summary: Cleber offer...
GitHub: GitHub Apps can access suspended installations via scoped user-to-server tokens
An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed a suspended GitHub App to retain access to the repository via a scoped user access token. This vulnerability was only exploitable in public repositories. The vulnerability affected all versions of...
Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455 Use of Hard-Coded Cryptographic Key (CVE-2016-5816)
A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source. This...
SUSE CVE-2018-5816
An integer overflow error within the "identify" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger a division by zero via specially crafted NOKIARAW file. Note: This vulnerability is caused due to an incomplete fix of CVE-2018-5804...
Ubuntu 18.04 LTS / 20.04 LTS : Firefox regressions (USN-5816-2)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5816-2 advisory. USN-5816-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the...
Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5816-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5816-1 advisory. Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new...
Ubuntu: Security Advisory (USN-5816-1)
The remote host is missing an update for the...