Lucene search
K

50 matches found

Circl
Circl
added 2026/06/25 9:55 p.m.4 views

CVE-2026-6092

creationtimestamp| type| source ---|---|--- 2026-06-25 21:55:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mp5galeomc27...

5.3CVSS5.8AI score0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 9:6 p.m.21 views

CVE-2026-6092 Encrypt-then-MAC could fall back to MAC-then-Encrypt when HAVE_ENCRYPT_THEN_MAC is configured

When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC...

2.1CVSS0.00209EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 9:6 p.m.15 views

CVE-2026-6092

CVE-2026-6092 describes a behavioural fallback issue when HAVE_ENCRYPT_THEN_MAC is configured: the implementation could fall back to MAC-then-Encrypt instead of Encrypt-then-MAC. The connected documents reiterate this description across multiple sources (NVD, ENISA EUVD, Debian security tracker, ...

5.3CVSS5.8AI score0.00209EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/17 6:21 p.m.6 views

CVE-2025-6092

A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /upload/image of the component Incomplete Fix CVE-2024-10099. The manipulation of the argument image leads to cross site...

6.1CVSS4.8AI score0.00342EPSS
Exploits1References1
NVD
NVD
added 2025/06/15 6:15 p.m.11 views

CVE-2025-6092

A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /upload/image of the component Incomplete Fix CVE-2024-10099. The manipulation of the argument image leads to cross site...

5.3CVSS0.0032EPSS
Exploits1References4
CVE
CVE
added 2025/06/15 5:31 p.m.66 views

CVE-2025-6092

CVE-2025-6092 affects comfynonymous comfyui up to version 0.3.39. The vulnerability resides in the /upload/image endpoint where manipulation of the image argument enables cross-site scripting (XSS). Exploitation is possible remotely and PoC activity is indicated in sources. No official fix versio...

5.3CVSS4.9AI score0.00342EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/06/15 5:31 p.m.3 views

CVE-2025-6092 comfyanonymous comfyui Incomplete Fix CVE-2024-10099 image cross site scripting

A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /upload/image of the component Incomplete Fix CVE-2024-10099. The manipulation of the argument image leads to cross site...

5.3CVSS4.9AI score0.00342EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/06/30 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-6191-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/05/18 12:0 a.m.43 views

Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6092-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6092-1 advisory. Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy...

7.8CVSS7.4AI score0.00635EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:30 a.m.3 views

SUSE CVE-2018-6092

An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS9.3AI score0.09186EPSS
Exploits2References6
vulnersOsv
vulnersOsv
added 2022/05/17 3:46 a.m.6 views

cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE), cloud.altemista.fwk.message:cloud-altemistafwk-core-message-active-conf (>=3.0.0.RELEASE <=3.1.0.RELEASE) +706 more potentially affected by CVE-2012-6092 via org.apache.activemq:activemq-core (>=4.1.1 <=5.7.0)

org.apache.activemq:activemq-core MAVEN version =4.1.1, =3.0.0.RELEASE, =1.0, =1.0.0, =1.0.0, =0.4.2, =0.4.2, =0.4.2, =3.0.0.rc1, =3.0.0.rc1, =3.0.0.rc1, =3.0.0.rc1, =3.2.1 and more Source cves: CVE-2012-6092 Source advisory: OSV:GHSA-RP9P-863F-9C4H...

4.3CVSS6.9AI score0.06018EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.33 views

Mageia: Security Advisory (MGASA-2018-0268)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.6AI score0.58822EPSS
Exploits14References15
Check Point Advisories
Check Point Advisories
added 2020/11/28 12:0 a.m.8 views

Gonitro Nitro Pro Integer Overflow (CVE-2020-6092)

An integer overflow vulnerability exists in Gonitro Nitro Pro. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.9AI score0.42268EPSS
Exploits1
CVE
CVE
added 2020/05/18 4:14 p.m.106 views

CVE-2020-6092

Nitro Pro 13.9.1.155 is affected by a code execution vulnerability tied to parsing of /Pattern objects in PDFs. The underlying issue is an integer overflow in the handling of the Pattern bounding box (/BBox), which can be triggered by crafted PDF patterns and may lead to arbitrary code execution....

8.8CVSS7.9AI score0.42268EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.40 views

Fedora 28 : chromium (2018-94e1bc8c23)

Update to 66.0.3359.181. Security fix for CVE-2018-6085 CVE-2018-6086 CVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090 CVE-2018-6091 CVE-2018-6092 CVE-2018-6093 CVE-2018-6094 CVE-2018-6095 CVE-2018-6096 CVE-2018-6097 CVE-2018-6098 CVE-2018-6099 CVE-2018-6100 CVE-2018-6101 CVE-2018-6102...

8.8CVSS6.6AI score0.09186EPSS
Exploits3References38
OSV
OSV
added 2018/12/04 5:29 p.m.2 views

CVE-2018-6092

An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS7.6AI score
Exploits0References7
CVE
CVE
added 2018/12/04 5:0 p.m.147 views

CVE-2018-6092

The CVE-2018-6092 entry relates to an integer overflow in Chrome’s WebAssembly implementation on 32‑bit systems, allowing remote code execution inside the sandbox via a crafted HTML page. Affected software from the connected advisories includes Google Chrome/Chromium up to version 66.0.3359.117 (...

8.8CVSS8.6AI score0.09186EPSS
Exploits2References7Affected Software1
Check Point Advisories
Check Point Advisories
added 2018/08/08 12:0 a.m.2 views

Google Chrome Integer Overflow Memory Corruption (CVE-2018-6092)

A memory corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.6AI score0.09186EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/17 10:10 a.m.26 views

Security Bulletin: IBM Cúram Social Program Management when not configured with LDAP or SSO may be vulnerable to denial of service.(CVE-2014-6092).

Summary Default authentication methods in IBM Curam Social Program Management do not allow for a per user account lockout policy, and rather employ a single, system wide policy. For most users of the system, a low lockout threshold is desirable. However, for users used to integrate with another...

5CVSS0.7AI score0.01256EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:50 p.m.26 views

Security Bulletin: IBM Security Key Lifecycle Manager stores unencrypted password (CVE-2016-6092)

Summary IBM Security Key Lifecycle Manager has identified a vulnerability where a password is stored in clear text. This vulnerability can enable attackers to obtain unauthorized access to other integrated systems. IBM Security Key Lifecycle Manager has addressed this vulnerability with the...

6.2CVSS0.7AI score0.00317EPSS
Exploits0Affected Software1
Rows per page
Query Builder