56 matches found
CVE-2026-5937
Insufficient parameter verification leads to the occurrence of format errors in files, which will trigger an unhandled "std::invalidargument" exception, ultimately causing the program to terminate...
EUVD-2025-5937
Malicious code in bioql PyPI...
CVE-2025-5937 MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet <= 3.2.0 - Cross-Site Request Forgery to Settings Reset
The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the adminOptions function. This makes it...
CVE-2025-5937
CVE-2025-5937 affects the MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet WordPress plugin (
WordPress MicroPayments plugin <= 3.2.0 - Cross-Site Request Forgery to Settings Reset vulnerability
Cross-Site Request Forgery to Settings Reset vulnerability discovered by Nabil Irawan in WordPress Plugin MicroPayments versions = 3.2.0...
CVE-2020-5937
On BIG-IP AFM 15.1.0-15.1.0.5, the Traffic Management Microkernel TMM may produce a core file while processing layer 4 L4 behavioral denial-of-service DoS traffic...
CVE-2019-5937
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the user information...
CentOS 7 : kernel (RHSA-2022:5937)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5937 advisory. - Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable information disclosu...
CVE-2024-5937
creationtimestamp| type| source ---|---|--- 2024-07-09 11:49:49+00:00| seen| https://t.me/cvedetector/280...
CVE-2024-5937 Simple Alert Boxes <= 1.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Alert Shortcode
The Simple Alert Boxes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Alert shortcode in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-5937 Simple Alert Boxes <= 1.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Alert Shortcode
The Simple Alert Boxes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Alert shortcode in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress Simple Alert Boxes Plugin <= 1.4.0 is vulnerable to Cross Site Scripting (XSS)
Software Simple Alert Boxes Type Plugin Vulnerable versions = 1.4.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5937 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 43f7db91ddf0 Credits Francesco Carlucci...
CVE-2023-5937 Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0
On Windows systems, the Arc configuration files resulted to be world-readable. This can lead to information disclosure by local attackers, via exfiltration of sensitive data from configuration files...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : Opusfile vulnerability (USN-5937-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5937-1 advisory. It was discovered that Opusfile was not properly validating pointer arguments in some of its functions, which could lead to a...
K58290051: BIG-IP AFM vulnerability CVE-2020-5937
Security Advisory Description The Traffic Management Microkernel TMM may produce a core file while processing layer 4 L4 behavioral denial-of-service DoS traffic. CVE-2020-5937 Impact The BIG-IP system may temporarily fail to process traffic as it recovers from a TMM restart, and devices configur...
SUSE CVE-2017-9021
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-5937. Reason: This candidate is a reservation duplicate of CVE-2017-5937. Notes: All CVE users should reference CVE-2017-5937 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...
Security Bulletin: Vulnerability in IBM® Sterling B2B Integrator can lead to ability to execute OS commands from CLA2 server without authentication (CVE-2012-5937).
Abstract A security vulnerability exists in the Sterling B2B Integrator CLA2 server which permits an unauthenticated user to execute arbitrary OS commands. Content VULNERABILITY DETAILS: CVE ID: CVE-2012-5937 DESCRIPTION: A security vulnerability exists in the Sterling B2B Integrator CLA2 server...
Oracle Linux 7 : kernel (ELSA-2022-5937)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5937 advisory. 3.10.0-1160.76.1.0.1.OL7 debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.76.1.OL7 Update Oracle Linux certificates Ilya Okomin Oracle...
Scientific Linux Security Update : kernel on SL7.x x86_64 (2022:5937)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:5937-1 advisory. - Incomplete cleanup of multi-core shared buffers aka SBDR CVE-2022-21123 - Incomplete cleanup of microarchitectural fill buffers aka SBDS...
RHEL 7 : kernel (RHSA-2022:5937)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5937 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Incomplete cleanup of multi-core share...