CLSA-2026-1777306004 wireshark: Fix of CVE-2022-0586

CVE-2022-0586: fix infinite loop in RTMPT dissector rtmptgetamflength...

EUVD-2025-36624

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TieLabs Sahifa sahifa allows DOM-Based XSS.This issue affects Sahifa: from n/a through 5.8.6...

WordPress Sahifa theme < 5.8.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Sahifa versions 5.8.6...

CVE-2025-52136

In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin's acceptability for later Dashboard installation is set b...

PT-2025-32464 · Emqx · Emqx

Name of the Vulnerable Software and Affected Versions: EMQX versions prior to 5.8.6 Description: Administrators could install arbitrary novel plugins via the Dashboard web interface. The supplier considers this intended behavior; however, version 5.8.6 introduced a defense-in-depth feature...

EMQX 代码问题漏洞

EMQX is an MQTT messaging server from EMQX Corporation. A code issue vulnerability exists in EMQX versions prior to 5.8.6 that stems from the Dashboard interface allowing the installation of arbitrary plugins, which could lead to a security risk...

CVE-2025-52373

Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords used in database connections from hMailServer.ini config file...

WordPress ProfileGrid plugin <= 5.8.6 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Lucio Sá in WordPress Plugin ProfileGrid versions = 5.8.6...

CVE-2023-49179

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in N.O.U.S. Open Useful and Simple Event post allows Stored XSS.This issue affects Event post: from n/a through 5.8.6...

CVE-2023-45280

Yamcs 5.8.6 allows XSS issue 2 of 2. It comes with a Bucket as its primary storage mechanism. Buckets allow for the upload of any file. There's a way to upload an HTML file containing arbitrary JavaScript and then navigate to it. Once the user opens the file, the browser will execute the arbitrar...

PT-2023-29480 · Yamcs · Yamcs

Name of the Vulnerable Software and Affected Versions: Yamcs version 5.8.6 Description: The issue is related to directory traversal in the storage functionality of the API, allowing an attacker to escape the base directory of the buckets, navigate system directories, and read arbitrary files...

UBUNTU-CVE-2020-36766

An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged users, because of directly assigning logaddrs with a hole in the struct...

Nagios XI 跨站脚本漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI version v5.8.6, which stems from the discovery of a cross-site...

Nagios XI SQL注入漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI version v5.8.6, which was discovered to contain an SQL injecti...

Nagios XI 跨站脚本漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI version v5.8.6, which stems from the discovery of a cross-site...

ITPison OMICARD EDM 路径遍历漏洞

ITPison OMICARD EDM is a high-speed email newsletter EDM marketing and distribution system from ITPison China. A security vulnerability exists in ITPison OMICARD EDM versions v5.8 to v6.0. The vulnerability stems from a path traversal in OMICARD EDM's Mail Image Forwarding feature, which can be...

CVE-2018-5787

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Stack Overflow in the RIM Radio Interface Module process running on the WiNG Access Point via crafted packets...

biweb SQL Injection Vulnerability

BIWEB Business Intelligence Website System is a website system relying on ArthurXF enterprise application-level PHP development framework, developed and designed by the Shanghai NetWorks Network Information Co., Ltd. is a rapid development, simple and easy to use object-oriented enterprise...