59 matches found

Tenable Nessus
added 2026/04/17 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-6067

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow vulnerability exists in the Netwide Assembler NASM due to a lack of bounds checking in the objdirective function. This vulnerability can ...

CVSS 7.5 | AI score 6.3 | EPSS 0.00018
Exploits: 1 | References: 3

Zero Day Initiative
added 2026/04/15 12:0 a.m. | 5 views

DriveLock Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of DriveLock. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 6067 by default. The issue results from the...

CVSS 7.5 | AI score 5.7
Exploits: 0 | References: 1

SUSE CVE
added 2026/04/14 8:39 a.m. | 4 views

SUSE CVE-2026-6067

A heap buffer overflow vulnerability exists in the Netwide Assembler NASM due to a lack of bounds checking in the objdirective function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service crash, and...

CVSS 7.5 | AI score 6.3 | EPSS 0.00018
Exploits: 1 | References: 3

Tenable Nessus
added 2026/01/16 12:0 a.m. | 2 views

MiracleLinux 3 : tcl-8.4.13-6.AXS3 (AXSA:2013-11:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-11:01 advisory. The Tcl Tool Command Language provides a powerful platform for creating integration applications that tie together diverse applications, protocols,...

CVSS 6.8 | AI score 7.5 | EPSS 0.00533
Exploits: 2 | References: 3

Patchstack
added 2025/09/05 11:53 p.m. | 4 views

WordPress Easy Social Feed plugin <= 6.6.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Easy Social Feed versions <= 6.6.7...

CVSS 6.4 | AI score 5.5 | EPSS 0.00053
Exploits: 0 | References: 1 | Affected Software: 1

RedhatCVE
added 2025/05/23 2:5 a.m. | 4 views

CVE-2023-6067

The WP User Profile Avatar WordPress plugin through 1.0.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...

CVSS 5.4 | AI score 5.9 | EPSS 0.00127
Exploits: 2 | References: 1

RedhatCVE
added 2025/05/22 3:51 a.m. | 5 views

CVE-2012-6067

freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to bypass authentication via a crafted SFTP session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c...

CVSS 10 | AI score 7.2 | EPSS 0.01012
Exploits: 0 | References: 1

Tenable Nessus
added 2025/03/03 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2007-6067

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 befor...

CVSS 6.8 | AI score 5.8 | EPSS 0.00533
Exploits: 1 | References: 2

NVD
added 2024/04/15 5:15 a.m. | 9 views

CVE-2023-6067

The WP User Profile Avatar WordPress plugin through 1.0.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...

CVSS 5.4 | AI score 5.6 | EPSS 0.00127
Exploits: 2 | References: 1

Vulnrichment
added 2024/04/15 5:0 a.m. | 12 views

CVE-2023-6067 WP User Profile Avatar <= 1.0.1 - Contributor+ Stored XSS

The WP User Profile Avatar WordPress plugin through 1.0.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...

AI score 5.8 | EPSS 0.00127
Exploits: 2 | References: 1

Cvelist
added 2024/04/15 5:0 a.m. | 13 views

CVE-2023-6067 WP User Profile Avatar <= 1.0.1 - Contributor+ Stored XSS

The WP User Profile Avatar WordPress plugin through 1.0.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...

AI score 5.8 | EPSS 0.00127
Exploits: 2 | References: 1

Patchstack
added 2024/04/15 12:0 a.m. | 9 views

WordPress WP User Profile Avatar Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software WP User Profile Avatar Type Plugin Vulnerable versions <= 1.0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6067 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 73f7395294a7 Credits Dmitrii Ignatyev...

CVSS 5.4 | AI score 5.7 | EPSS 0.00127
Exploits: 2 | References: 4 | Affected Software: 1

OpenVAS
added 2022/01/28 12:0 a.m. | 32 views

Mageia: Security Advisory (MGASA-2018-0268)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10 | AI score 7.6 | EPSS 0.89553
Exploits: 14 | References: 15

IBM Security Bulletins
added 2021/04/19 9:38 p.m. | 18 views

Security Bulletin: IBM Resilient - Stored XSS Vulnerability (CVE-2016-6067)

Summary Security Bulletin: IBM Resilient - Stored XSS Vulnerability CVE-2016-6067 Vulnerability Details Security Bulletin Summary IBM Resilient is vulnerable to cross-site scripting. Vulnerability Details CVEID: CVE-2016-6067 DESCRIPTION: IBM Resilient is vulnerable to cross-site scripting. This...

AI score 0.6
Exploits: 0 | Affected Software: 1

Cvelist
added 2020/02/11 8:54 p.m. | 11 views

CVE-2020-6067

An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFF tifread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted TIFF file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the...

CVSS 9.8 | AI score 9 | EPSS 0.02248
Exploits: 1 | References: 1

RedhatCVE
added 2019/10/09 3:51 a.m. | 24 views

CVE-2018-6067

Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8 | AI score 3 | EPSS 0.00888
Exploits: 0 | References: 2

Cvelist
added 2018/11/14 3:0 p.m. | 15 views

CVE-2018-6067

Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

AI score 8.5 | EPSS 0.00888
Exploits: 0 | References: 5

Debian CVE
added 2018/11/14 3:0 p.m. | 19 views

CVE-2018-6067

Removed by vendor...

CVSS 8.8 | AI score 9.3 | EPSS 0.00888
Exploits: 0

CVE
added 2018/11/14 3:0 p.m. | 130 views

CVE-2018-6067

CVE-2018-6067 is a vulnerability in Google Chrome/Chromium where the Skia library contains a buffer/heap overflow issue. Affected component: Skia inside Chrome/Chromium prior to version 65.0.3325.146. Root cause: unspecified in the provided documents beyond “buffer overflow in the Skia library.” ...

CVSS 8.8 | AI score 8.4 | EPSS 0.00888
Exploits: 0 | References: 5 | Affected Software: 1

OpenVAS
added 2018/10/30 12:0 a.m. | 27 views

PostgreSQL 7.4 < 7.4.19, 8.0 < 8.0.15, 8.1 < 8.1.11, 8.2 < 8.2.6 Multiple Vulnerabilities - Linux

PostgreSQL is prone to multiple Privilege Escalation and Denial of Service DoS vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

AI score 7.7
Exploits: 0 | References: 2