85 matches found
BELL-CVE-2026-5950
Bulletin has no description...
[SECURITY] [DSA 6285-1] bind9 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6285-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 20, 2026 https://www.debian.org/security/faq -...
CVE-2026-5950
An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...
ISC BIND 9.18.36 < 9.18.49 / 9.18.36-S1 < 9.18.49-S1 / 9.20.8 < 9.20.23 / 9.20.9-S1 < 9.20.23-S1 / 9.21.7 < 9.21.22 Vulnerability (cve-2026-5950)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-5950 advisory. - An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a...
UBUNTU-CVE-2026-5950
An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...
MiracleLinux 8 : edk2-20220126gitbb1bba3d77-4.el8 (AXSA:2023-5950:03)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5950:03 advisory. openssl: X.400 address type confusion in X.509 GeneralName CVE-2023-0286 openssl: timing attack in RSA Decryption implementation CVE-2022-4304...
Rockwell Automation Allen-Bradley Stratix 5950 Improper Access Control (CVE-2019-1649)
Cisco Systems, Inc. Cisco released an advisory regarding a vulnerability in the logic that handles access control to a hardware component in Cisco's proprietary Secure Boot implementation. If successfully exploited, an attacker could write a modified firmware image to the component. The...
MiracleLinux 7 : mailman-2.1.15-26.el7.1 (AXSA:2018-2615:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-2615:01 advisory. mailman: Cross-site scripting XSS vulnerability in web UI CVE-2018-5950 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 4 : mailman-2.1.12-26.AXS4.3 (AXSA:2018-2616:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-2616:01 advisory. mailman: Cross-site scripting XSS vulnerability in web UI CVE-2018-5950 Tenable has extracted the preceding description block directly from the MiracleLinux...
CVE-2025-61198
A stored cross-site scripting XSS vulnerability in Optimod 5950 - Optimod 5950HD - Optimod 5750 - Optimod 5750HD - Optimod Trio - Optimod version 1.0.0.33 - System version 2.5.26, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payloa...
Orban多款产品 安全漏洞
Orban Optimod 5950 and others are a broadcast audio processor from Orban USA. A security vulnerability exists in various Orban products that stems from a malicious payload in logs that is not handled correctly, which could lead to a stored cross-site scripting attack. The following products and...
EUVD-2025-32535
A stored cross-site scripting XSS vulnerability in Optimod 5950 - Optimod 5950HD - Optimod 5750 - Optimod 5750HD - Optimod Trio - Optimod version 1.0.0.33 - System version 2.5.26, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payloa...
Debian: Security Advisory (DSA-5950-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WordPress IndieBlocks plugin <= 0.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via kind Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via kind Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin IndieBlocks versions = 0.13.2...
CVE-2025-5950
The IndieBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘kind’ parameter in all versions up to, and including, 0.13.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2025-5950
creationtimestamp| type| source ---|---|--- 2025-06-13 02:34:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18253 2025-06-13 05:04:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrhnxl7so52p...
CVE-2025-5950 IndieBlocks <= 0.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via kind Parameter
The IndieBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘kind’ parameter in all versions up to, and including, 0.13.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2023-5950
Rapid7 Velociraptor versions prior to 0.7.0-4 suffer from a reflected cross site scripting vulnerability. This vulnerability allows attackers to inject JS into the error path, potentially leading to unauthorized execution of scripts within a user's web browser. This vulnerability is fixed in...
CVE-2020-5950
On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role...
CVE-2025-28229
Incorrect access control in Orban OPTIMOD 5950 Firmware v1.0.0.2 and System v2.2.15 allows attackers to bypass authentication and gain Administrator privileges...