132 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 1 view

Astra Linux - vulnerability in linux-firmware

Improper input validation in some Intel(R) Graphics Drivers for Windows before version 26.20.100.7212 and before the Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access...

5.5 CVSS, 6.7 AI score, 0.00143 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2026/04/22 7:45 a.m., 0 views

CVE-2026-2714 Institute Management <= 5.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Enquiry Form Title' Setting

The Institute Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Enquiry Form Title' setting in all versions up to, and including, 5.5. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4 CVSS, 5.8 AI score, 0.00011 EPSS
Exploits: 0, References: 3

CNNVD
added 2026/03/21 12:0 a.m., 2 views

Magic Iso Maker buffer error vulnerability

Magic Iso Maker is a disc imaging tool developed by Magic Iso Corporation. Version 5.5 build 281 of Magic Iso Maker has a buffer error vulnerability. This vulnerability stems from a buffer overflow in the Serial Code registration field, which could allow local attackers to cause the application t...

6.9 CVSS, 6.1 AI score, 0.00019 EPSS
Exploits: 1, References: 4

ATTACKERKB
added 2026/02/24 7:31 p.m., 1 view

CVE-2026-23858

Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script Injection...

5.4 CVSS, 5.9 AI score, 0.0004 EPSS
Exploits: 0, References: 2

CVE
added 2026/02/04 3:11 a.m., 6 views

CVE-2026-1791

CVE-2026-1791 concerns Hillstone Networks products: Operation and Maintenance Security Gateway on Linux with vulnerable versions V5.5ST00001B113 and Hillstone Networks Security Gateway V5.5. The flaw is an unrestricted file upload of a dangerous file type, enabling an attacker to upload a web she...

2.7 CVSS, 5.4 AI score, 0.00017 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 9:13 a.m., 5 views

CVE-2022-31168

Zulip is an open source team chat tool. Due to an incorrect authorization check in Zulip Server 5.4 and earlier, a member of an organization could craft an API call that grants organization administrator privileges to one of their bots. The vulnerability is fixed in Zulip Server 5.5. Members who...

8.8 CVSS, 6.6 AI score, 0.00337 EPSS
Exploits: 0, References: 1

Positive Technologies
added 2026/01/02 12:0 a.m., 1 view

PT-2026-1091

Name of the Vulnerable Software and Affected Versions: gosaliajainam/online-movie-booking version 5.5. Description: A SQL injection issue exists in the movie details.php file of the Online Movie Booking Application. This allows attackers to potentially gain sensitive information. The issue is presen...

9.8 CVSS, 7.4 AI score, 0.00044 EPSS
Exploits: 1, References: 4

CNNVD
added 2025/12/09 12:0 a.m., 1 view

CSLA .NET code issue vulnerability

CSLA .NET is an open source software development framework from Marimer LLC. It helps users build reusable and maintainable object-oriented business layers for applications. A code issue vulnerability exists in CSLA .NET 5.5.4 and prior versions that stems from improper deserialization and could...

9.8 CVSS, 7.7 AI score, 0.02819 EPSS
Exploits: 0, References: 3

CVE
added 2025/10/30 2:23 p.m., 3 views

CVE-2025-43942

Dell Unity OS has an OS Command Injection vulnerability (CVE-2025-43942) affecting Dell Unity versions 5.5 and earlier. The issue arises from improper neutralization of special elements in OS commands, allowing a low-privilege, locally-accessible attacker to achieve command execution and privileg...

7.8 CVSS, 6.2 AI score, 0.00031 EPSS
Exploits: 0, References: 1, Affected Software: 1

OSV
added 2025/10/30 2:15 p.m., 0 views

CVE-2025-43940

Dell Unity, versions 5.5 and Prior, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privilege...

7.8 CVSS, 5.9 AI score, 0.00031 EPSS
Exploits: 0, References: 1

EUVD
added 2025/10/30 2:14 p.m., 1 view

EUVD-2025-37007

Dell Unity, versions 5.5 and prior, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges...

7.8 CVSS, 6.7 AI score, 0.00032 EPSS
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2020-28332

Malware in sbrugna...

8.8 CVSS, 8.6 AI score, 0.00446 EPSS
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-23502

Malicious code in bioql PyPI...

7.8 CVSS, 6.5 AI score, 0.00147 EPSS
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2025-15508

Malicious code in bioql PyPI...

7.5 CVSS, 8.2 AI score, 0.00423 EPSS
Exploits: 0, References: 2

CNNVD
added 2025/08/04 12:0 a.m., 1 view

Dell Unity operating system command injection vulnerability

Dell Unity is a set of virtual Unity storage environments from Dell USA. An operating system command injection vulnerability exists in Dell Unity 5.5 and prior versions, which stems from the svcnfssupport utility failing to properly filter construct command special characters, commands, etc. An...

7.8 CVSS, 7.4 AI score, 0.00147 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 5:34 a.m., 3 views

CVE-2013-7478

The events-manager plugin before 5.5 for WordPress has XSS via EMTicket::getpost...

6.1 CVSS, 6.2 AI score, 0.0019 EPSS
Exploits: 0, References: 1

NVD
added 2024/12/13 3:15 p.m., 8 views

CVE-2024-54234

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wp-buy Limit Login Attempts wp-limit-failed-login-attempts allows SQL Injection. This issue affects Limit Login Attempts: from n/a through = 5.5...

9.3 CVSS, 0.00517 EPSS
Exploits: 0, References: 1

Cvelist
added 2024/12/13 2:24 p.m., 14 views

CVE-2024-54234 WordPress Limit Login Attempts plugin <= 5.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wp-buy Limit Login Attempts wp-limit-failed-login-attempts allows SQL Injection. This issue affects Limit Login Attempts: from n/a through = 5.5...

9.3 CVSS, 0.00517 EPSS
Exploits: 0, References: 1

CNNVD
added 2024/12/06 12:0 a.m., 2 views

WordPress plugin Simple User Registration security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

9.1 CVSS, 8 AI score, 0.00247 EPSS
Exploits: 0, References: 1

OSV
added 2024/09/13 9:20 a.m., 15 views

RHSA-2014:1859 Red Hat Security Advisory: mysql55-mysql security update

Bulletin has no description...

6.8 CVSS, 6.3 AI score, 0.23865 EPSS
Exploits: 1, References: 82