21 matches found
CVE-2024-45325
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiDDoS-F version 7.0.0 through 7.02 and before 6.6.3 may allow a privileged attacker to execute unauthorized code or commands via crafted CLI requests...
WordPress Events Manager – Calendar, Bookings, Tickets, and more! plugin <= 6.6.3 - Unauthenticated SQL Injection via Event Status Parameter vulnerability
Unauthenticated SQL Injection via Event Status Parameter vulnerability discovered by mikemyers in WordPress Plugin Events Manager versions <= 6.6.3...
PT-2024-37969
Name of the Vulnerable Software and Affected Versions: The Events Calendar plugin for WordPress versions prior to 6.6.4 Description: The Events Calendar plugin for WordPress is susceptible to Stored Cross-Site Scripting (XSS) through the RSVP name field. Insufficient input sanitization and output...
RHBA-2020:1494 Red Hat Bug Fix Advisory: Satellite 6.6.3 Async Bug Fix Update
Bulletin has no description...
Qt security vulnerability
Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. It can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...
CVE-2023-45585
An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, versi...
PT-2023-8536 · Fortinet · Fortisiem
Name of the Vulnerable Software and Affected Versions: Fortinet FortiSIEM versions 6.4.0 through 6.4.2; Fortinet FortiSIEM versions 6.5.0 through 6.5.2; Fortinet FortiSIEM versions 6.6.0 through 6.6.3; Fortinet FortiSIEM versions 6.7.0 through 6.7.8; Fortinet FortiSIEM versions 7.0.0 through 7.0.2...
CVE-2023-29726
The Call Blocker application 6.6.3 for Android incorrectly opens a key component that an attacker can use to inject large amounts of dirty data into the application's database. When the application starts, it loads the data from the database into memory. Once the attacker injects too much data, t...
PT-2023-22378 · Unknown · Call Blocker
Name of the Vulnerable Software and Affected Versions: Call Blocker application version 6.6.3 Description: The issue allows an attacker to inject large amounts of data into the application's database, causing it to crash due to an out-of-memory (OOM) error when it loads the data into memory on...
PT-2023-22379 · Unknown · The Call Blocker
Name of the Vulnerable Software and Affected Versions: The Call Blocker application version 6.6.3 Description: The issue allows unauthorized applications to use exposed components to delete data stored in the database related to user privacy settings, affecting the normal functionality of the...
PT-2023-22380 · Unknown · Call Blocker
Name of the Vulnerable Software and Affected Versions: Call Blocker application version 6.6.3 Description: The issue allows attackers to tamper with feature-related data, resulting in a severe elevation of privilege attack. Recommendations: For version 6.6.3, update to a newer version that contai...
Druva inSync Windows Client 6.6.3 CVE-2020-5752 - Local Privilege Escalation
Druva inSync Windows Client version 6.6.3 suffers from a local privilege escalation vulnerability. Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation Date: 2020-05-21 Exploit Author: Matteo Malvica Credits: Chris Lyne for previous version's exploit Vendor Homepage:...
CVE-2020-5752
Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges...
PT-2020-18673 · Druva · Druva Insync Windows Client
Name of the Vulnerable Software and Affected Versions: Druva inSync Windows Client version 6.6.3 Description: The issue allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges due to a relative path traversal vulnerability. Recommendations: F...
CVE-2017-9001
Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout", which causes ClearPass to lock accounts with too many login failures through SSH. When this feature is enabled, an unauthenticated remote command execution vulnerability is present which could allow an unauthenticated user t...
CVE-2017-9001
Aruba ClearPass 6.6.3 and later includes an optional SSH Lockout feature. When this feature is enabled, the system is vulnerable to an unauthenticated remote command execution that can grant root privileges on the underlying OS. The vulnerability only exists for systems where SSH Lockout is enabl...
CVE-2002-1788
Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses...
CVE-2002-1788
CVE-2002-1788 affects nn (NN) versions 6.6.0–6.6.3, where the nn_exitmsg function is vulnerable to a format-string issue that can let remote NNTP servers cause arbitrary code execution via crafted server responses. The available documents confirm the vulnerability but do not provide exploit code,...