58 matches found
CVE-2026-5879 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-5879 vulnerabilities
Vulnerabilities for packages: chromium...
SUSE CVE-2026-5879
Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-5879
Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-5879
Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-5879
creationtimestamp| type| source ---|---|--- 2026-04-08 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260409 2026-04-12 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260413 2026-04-13...
CVE-2025-5879
A vulnerability, which was classified as problematic, was found in WuKongOpenSource WukongCRM 9.0. This affects an unknown part of the file AdminSysConfigController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate t...
CVE-2025-5879
A vulnerability, which was classified as problematic, was found in WuKongOpenSource WukongCRM 9.0. This affects an unknown part of the file AdminSysConfigController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate t...
CVE-2025-5879 WuKongOpenSource WukongCRM File Upload AdminSysConfigController.java cross site scripting
A vulnerability, which was classified as problematic, was found in WuKongOpenSource WukongCRM 9.0. This affects an unknown part of the file AdminSysConfigController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate t...
CVE-2025-5879 WuKongOpenSource WukongCRM File Upload AdminSysConfigController.java cross site scripting
A vulnerability, which was classified as problematic, was found in WuKongOpenSource WukongCRM 9.0. This affects an unknown part of the file AdminSysConfigController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate t...
CVE-2025-5879
CVE-2025-5879 affects WuKongOpenSource WukongCRM 9.0, specifically the File Upload component in AdminSysConfigController.java. The root cause is improper handling of the File argument, leading to cross-site scripting. Exported as a remote-exploitable issue, with public disclosure of the exploit. ...
CVE-2020-5879
On BIG-IP ASM 11.6.1-11.6.5.1, under certain configurations, the BIG-IP system sends data plane traffic to back-end servers unencrypted, even when a Server SSL profile is applied...
CVE-2012-5879
An ActiveX control in McHealthCheck.dll in McAfee Virtual Technician MVT and ePO-MVT 6.5.0.2101 and earlier allows remote attackers to modify or create arbitrary files via a full pathname argument to the Save method...
Debian: Security Advisory (DSA-5879-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DSA-5879-1 opensaml - security update
Bulletin has no description...
WordPress HubSpot Plugin <= 11.1.22 is vulnerable to Cross Site Scripting (XSS)
Software HubSpot Type Plugin Vulnerable versions = 11.1.22 Fixed in 11.1.34 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5879 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID db39dc037825 Credits wesley wcraft Required...
CVE-2023-5879
creationtimestamp| type| source ---|---|--- 2024-01-03 21:27:04+00:00| seen| https://t.me/ctinow/162600 2024-01-04 01:37:38+00:00| seen| https://t.me/cibsecurity/74341 2024-01-05 20:36:28+00:00| seen| https://t.me/arpsyndicate/2520 2024-01-23 22:31:35+00:00| seen| https://t.me/ctinow/172363...
CVE-2023-5879
CVE-2023-5879: In Genie Aladdin Connect Android app (versions 5.65 Build 2075 and earlier), authentication data was stored in clear text in the app’s local storage, enabling recovery of credentials if the device is compromised. Root cause: insecure storage of sensitive data within the Android app...
CVE-2023-5879 Aladdin Connect Android Application Insecure Storage
Users’ product account authentication data was stored in clear text in The Genie Company Aladdin Connect Mobile Application Version 5.65 Build 2075 and below on Android Devices. This allows the attacker, with access to the android device, to potentially retrieve users' clear text authentication...
CVE-2023-5879 Aladdin Connect Android Application Insecure Storage
Users’ product account authentication data was stored in clear text in The Genie Company Aladdin Connect Mobile Application Version 5.65 Build 2075 and below on Android Devices. This allows the attacker, with access to the android device, to potentially retrieve users' clear text authentication...