172 matches found
MiracleLinux 9 : 389-ds-base-2.4.5-9.el9_4 (AXSA:2024-8654:07)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8654:07 advisory. 389-ds-base: Malformed userPassword hash may cause Denial of Service CVE-2024-5953 389-ds-base: unauthenticated user can trigger a DoS by sending a...
MiracleLinux 8 : 389-ds:1.4 (AXSA:2024-8806:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8806:01 advisory. 389-ds-base: Malformed userPassword hash may cause Denial of Service CVE-2024-5953 Tenable has extracted the preceding description block directly from the...
MiracleLinux 7 : wget-1.14-18.el7.1 (AXSA:2019-3884:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3884:01 advisory. Security Fix - wget CVE-2019-5953 CVE JVN http://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the MiracleLinux security...
EUVD-2025-5953
Malicious code in bioql PyPI...
CGA-PM85-8MXR-5953
Bulletin has no description...
Linux Distros Unpatched Vulnerability : CVE-2018-5953
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg...
WordPress WP Human Resource Management plugin 2.0.0-2.2.17 - Missing Authorization to Authenticated (Employee+) Privilege Escalation vulnerability
Missing Authorization to Authenticated Employee+ Privilege Escalation vulnerability discovered by kr0d in WordPress Plugin WP Human Resource Management versions 2.0.0-2.2.17...
CVE-2024-5953
creationtimestamp | type | source
---|---|---
2025-07-05 06:11:35+00:00 | seen | Telegram/WxoSytSs8Fl40qZITd-i05zi6GItywBUr-TJik2yh5HrF8...
CVE-2025-5953
creationtimestamp | type | source
---|---|---
2025-07-04 03:45:51+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lt4decmkgc2r...
CVE-2025-5953
CVE-2025-5953 affects the WordPress plugin WP Human Resource Management (hrm) (versions 2.0.0–2.2.17). The vulnerability arises from missing authorization checks in the AJAX handlers ajax_insert_employee() and update_employee(). The attacker, authenticated with Employee-level access or higher, ...
TencentOS Server 2: 389-ds-base (TSSA-2024:0434)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0434 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
TencentOS Server 3: 389-ds:1.4 (TSSA-2024:0767)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0767 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2023-5953
The Welcart e-Commerce WordPress plugin before 2.9.5 does not validate files to be uploaded, as well as does not have authorisation and CSRF in an AJAX action handling such upload. As a result, any authenticated users, such as subscriber could upload arbitrary files, such as PHP on the server...
CVE-2020-5953
A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution in SMM escalating...
Alibaba Cloud Linux 3 : 0180: 389-ds:1.4 (ALINUX3-SA-2024:0180)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0180 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-5953: A denial of service vulnerability wa...
Alibaba Cloud Linux 3 : 0063: wget (ALINUX3-SA-2022:0063)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0063 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-5953: Buffer overflow in GNU Wget 1.20.1 a...
Amazon Linux 2 : 389-ds-base (ALAS-2025-2798)
The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2798 advisory. A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user...
Linux Distros Unpatched Vulnerability : CVE-2024-5953
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while...
Linux Distros Unpatched Vulnerability : CVE-2017-5953
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory...
RHEL 8 : redhat-ds:11 (RHSA-2025:1632)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:1632 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol...