Lucene search
K

48 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-6094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overread in wcPKCS7DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data...

9.1CVSS6.2AI score0.00294EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 6:16 p.m.4 views

DEBIAN-CVE-2026-6094

Heap buffer overread in wcPKCS7DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data delivered via S/MIME or CMS...

9.1CVSS5.9AI score0.00294EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 6:16 p.m.12 views

CVE-2026-6094

Heap buffer overread in wcPKCS7DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data delivered via S/MIME or CMS...

9.1CVSS0.00294EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.6 views

RHCOS 4 : OpenShift Container Platform 4.10.28 (RHSA-2022:6094)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6094 advisory. - golang: cmd/go: misinterpretation of branch names can lead to incorrect access control CVE-2022-23773 - golang: crypto/elliptic:...

9.1CVSS7.3AI score0.05416EPSS
Exploits1References11
Circl
Circl
added 2025/06/15 11:37 p.m.26 views

CVE-2025-6094

creationtimestamp| type| source ---|---|--- 2025-06-15 23:37:11+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18389 2025-06-16 01:38:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrotu6nkfp2s...

8.8CVSS6.2AI score0.0037EPSS
Exploits1References2
CVE
CVE
added 2025/06/15 10:31 p.m.65 views

CVE-2025-6094

FoxCMS (versions up to 1.2.5) contains a SQL injection in the batchCope function of app/admin/controller/Download.php, triggered by manipulating the ids parameter. The vulnerability allows remote exploitation and has publicly disclosed exploits. Publicly available advisories (e.g., PT-2025-25506)...

8.8CVSS6.7AI score0.0037EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/15 10:31 p.m.4 views

CVE-2025-6094 qianfox FoxCMS Download.php batchCope sql injection

A vulnerability, which was classified as critical, has been found in qianfox FoxCMS up to 1.2.5. This issue affects the function batchCope of the file app/admin/controller/Download.php. The manipulation of the argument ids leads to sql injection. The attack may be initiated remotely. The exploit...

6.5CVSS6.7AI score0.0037EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/06/15 10:31 p.m.15 views

CVE-2025-6094 qianfox FoxCMS Download.php batchCope sql injection

A vulnerability, which was classified as critical, has been found in qianfox FoxCMS up to 1.2.5. This issue affects the function batchCope of the file app/admin/controller/Download.php. The manipulation of the argument ids leads to sql injection. The attack may be initiated remotely. The exploit...

6.5CVSS0.0037EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 8:2 a.m.20 views

CVE-2024-6094

The WP ULike WordPress plugin before 4.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.7AI score0.00401EPSS
Exploits1References1
Circl
Circl
added 2024/10/23 4:11 p.m.5 views

CVE-2020-6094

creationtimestamp| type| source ---|---|--- 2024-10-23 16:11:43+00:00| seen| https://t.me/CyberSecurityTechnologies/1078...

9.8CVSS8.7AI score0.03597EPSS
Exploits1References1
Circl
Circl
added 2024/07/24 9:7 a.m.5 views

CVE-2024-6094

creationtimestamp| type| source ---|---|--- 2024-07-24 09:07:32+00:00| seen| https://t.me/cvedetector/1542...

4.8CVSS4.8AI score0.00401EPSS
Exploits1References1
OSV
OSV
added 2024/07/24 6:15 a.m.4 views

CVE-2024-6094

The WP ULike WordPress plugin before 4.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00401EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/24 6:0 a.m.13 views

CVE-2024-6094 WP ULike < 4.7.1 - Admin+ Stored XSS

The WP ULike WordPress plugin before 4.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.7AI score0.00401EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/07/24 12:0 a.m.16 views

WordPress WP ULike Plugin < 4.7.1 is vulnerable to Cross Site Scripting (XSS)

Software WP ULike Type Plugin Vulnerable versions 4.7.1 Fixed in 4.7.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6094 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 2b5286cbd123 Credits Dmitrii Ignatyev Required privile...

4.8CVSS5.8AI score0.00401EPSS
Exploits1References4Affected Software1
Circl
Circl
added 2023/12/31 11:26 a.m.8 views

CVE-2023-6094

creationtimestamp| type| source ---|---|--- 2023-12-31 11:26:43+00:00| seen| https://t.me/ctinow/161062 2024-01-01 01:31:34+00:00| seen| https://t.me/cibsecurity/74062...

5.3CVSS5.5AI score0.0024EPSS
Exploits0References2
NVD
NVD
added 2023/12/31 10:15 a.m.18 views

CVE-2023-6094

A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. The vulnerability results from lack of protection for sensitive information during transmission. An attacker eavesdropping on the traffic between the web browser and server may obtain sensitive...

5.3CVSS0.0024EPSS
Exploits0References1
CVE
CVE
added 2023/12/31 9:57 a.m.51 views

CVE-2023-6094

The CVE-2023-6094 entry describes a vulnerability in OnCell G3150A-LTE Series firmware versions prior to v1.3 where sensitive information is transmitted without protection. An attacker could eavesdrop on traffic between a web browser and the device/server to obtain sensitive data. Affected produc...

5.3CVSS5.1AI score0.0024EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/31 9:57 a.m.15 views

CVE-2023-6094 OnCell G3150A-LTE Series: Web Server Transmits Cleartext Credentials

A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. The vulnerability results from lack of protection for sensitive information during transmission. An attacker eavesdropping on the traffic between the web browser and server may obtain sensitive...

5.3CVSS5.3AI score0.0024EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:43 a.m.4 views

SUSE CVE-2012-6094

cups Common Unix Printing System 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system...

9.8CVSS6.9AI score0.02067EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/09/08 12:0 a.m.42 views

RHEL 7 / 8 : OpenShift Container Platform 4.10.28 (RHSA-2022:6094)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6094 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

9.1CVSS7.6AI score0.05416EPSS
Exploits1References11
Rows per page
Query Builder