40 matches found
CGA-8784-5948-H3QW
Bulletin has no description...
WordPress Service Finder Bookings plugin <= 6.0 - Unauthenticated Privilege Escalation via claim_business vulnerability
Unauthenticated Privilege Escalation via claim_business vulnerability discovered by Foxyyy in WordPress Plugin Service Finder Booking versions <= 6.0...
DSA-5948-1 trafficserver - security update
Bulletin has no description...
CVE-2020-5948
On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the...
CVE-2013-5948
creationtimestamp | type | source
---|---|---
2024-11-29 00:00:00+00:00 | seen | The Shadowserver honeypot/common-vulnerabilities - 2024-11-29
2024-12-02 00:00:00+00:00 | seen | The Shadowserver honeypot/common-vulnerabilities - 2024-12-02
2024-12-14 00:00:00+00:00 | seen | The Shadowserver...
CVE-2024-5948 Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability
Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploi...
CGA-P834-547V-5948
Bulletin has no description...
RockyLinux 9 : galera, mariadb, and mysql-selinux (RLSA-2022:5948)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5948 advisory. mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used CVE-2021-46669 mariadb:...
CVE-2023-5948
CVE-2023-5948 affects teamamaze/amazefileutilities prior to version 1.91. The root cause is improper authorization in the repository logic. Public sources in the connected set describe an affected component and versions before 1.91, with remediation to update to 1.91 or later (as noted by PT-2023...
CVE-2023-5948 Improper Authorization in teamamaze/amazefileutilities
Improper Authorization in GitHub repository teamamaze/amazefileutilities prior to 1.91...
K42696541: F5 TMUI XSS vulnerability CVE-2020-5948
Security Advisory Description Undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role. CVE-2020-5948 Impact An attacker may exploit this vulnerability using a crafted URL t...
Oracle Linux 9 : galera, / mariadb, / and / mysql-selinux (ELSA-2022-5948)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5948 advisory. galera 26.4.11-1.0.1 - Requirement to delete garbd-wrapper script and lp1184034 test case without using patches. Patches from previous release have bee...
RHEL 9 : galera, mariadb, and mysql-selinux (RHSA-2022:5948)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5948 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded ...
CVE-2020-5948
creationtimestamp | type | source
---|---|---
2020-12-11 22:39:00+00:00 | seen | https://t.me/cibsecurity/20484
2020-12-11 22:54:33+00:00 | seen | https://t.me/cibsecurity/20503
2020-12-11 23:25:28+00:00 | seen | https://t.me/cibsecurity/20523
2020-12-12 00:25:28+00:00 | seen | https://t.me/cibsecurity/205...
CVE-2020-5948
CVE-2020-5948 is an iControl REST reflected XSS in BIG-IP. Connected advisories (F5 K42696541) specify affected branches and fixed versions: BIG-IP 16.x vulnerable in 16.0.0; fixed in 16.0.1.1. 15.x vulnerable in 15.0.0–15.1.0; fixed in 15.1.1. 14.x vulnerable in 14.1.0–14.1.2; fixed in 14.1.2.8....
CVE-2020-5948 — F5 TMUI XSS vulnerability
On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2. Undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the...
VulnCheck KEV: CVE-2013-5948
The Network Analysis tab MainAnalysisContent.asp in the ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field destIP parameter...