56 matches found
CVE-2025-5821
| creationtimestamp | type | source |
|---|---|---|
| 2025-08-23 08:33:45+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lx2kr5fosb27 |
| 2025-08-24 01:31:51+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lx4dnmz5mu2u |
| 2025-09-15 16:54:18+00:00 | seen | ... |
WordPress Case Theme User plugin <= 1.0.3 - Authentication Bypass via Social Login vulnerability
Authentication Bypass via Social Login vulnerability discovered by Foxyyy in WordPress Plugin Case Theme User versions = 1.0.3...
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.5.179 Revision 904 1.5.56 Revision 884 1.229 Revision 440 Summary: ESE Elber Satellite Equipment product line, designed for the high-end radio contribution and...
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config Vulnerability
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.5.179 Revision 904 1.5.56 Revision 884 1.229 Revision 440 Summary: ESE Elber Satellite Equipment product line, designed for the high-end radio contribution and...
CVE-2024-5821
The vulnerability allows an attacker to access sensitive files on the server by confusing the agent with incorrect file names. When a user requests the content of a file with a misspelled name, the agent attempts to correct the command and inadvertently reveals the content of the intended file,...
CVE-2024-5821 Local File Inclusion (LFI) in stitionai/devika
The vulnerability allows an attacker to access sensitive files on the server by confusing the agent with incorrect file names. When a user requests the content of a file with a misspelled name, the agent attempts to correct the command and inadvertently reveals the content of the intended file,...
CVE-2024-5821
CVE-2024-5821 describes a Local File Inclusion (LFI) in Stitionai/Devika (Devika AI software) where an attacker can access sensitive server files by exploiting a command-correction behavior when a user requests a misspelled filename. The underlying issue is that the agent’s correction attempt rev...
CVE-2024-5821 Local File Inclusion (LFI) in stitionai/devika
The vulnerability allows an attacker to access sensitive files on the server by confusing the agent with incorrect file names. When a user requests the content of a file with a misspelled name, the agent attempts to correct the command and inadvertently reveals the content of the intended file,...
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference Vulnerability
Elber ESE DVB-S/S2 Satellite Receiver version 1.5.x suffers from an unauthenticated device configuration and client-side hidden functionality disclosure vulnerability. Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected...
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.5.179 Revision 904 1.5.56 Revision 884 1.229 Revision 440 Summary: ESE Elber Satellite Equipment product line, designed for the high-end radio contribution and...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2022:5821)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5821 advisory. - A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursoralloc function can lead to the allocation of a small...
CVE-2023-5821
| creationtimestamp | type | source |
|---|---|---|
| 2023-10-27 16:17:08+00:00 | seen | https://t.me/cibsecurity/73053... |
CVE-2023-5821
The CVE-2023-5821 issue affects the WordPress plugin Thumbnail carousel slider (
WordPress Thumbnail carousel slider Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Thumbnail carousel slider Type Plugin Vulnerable versions = 1.0 Fixed in 1.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5821 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 9f54b1a63e12 Credits Ala Arfaoui...
Ubuntu: Security Advisory (USN-5821-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 LTS : pip regression (USN-5821-4)
The remote Ubuntu 16.04 ESM / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5821-4 advisory. USN-5821-3 fixed a vulnerability in pip. The update introduced a minor regression in Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. This...
SUSE CVE-2019-5821
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...
Ubuntu: Security Advisory (USN-5821-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5821-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : wheel vulnerability (USN-5821-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5821-1 advisory. Sebastian Chnelik discovered that wheel incorrectly handled certain file names when validated against a regex expression. An attacker coul...