BELL-CVE-2026-6104 CVE-2026-6104 does not affect BellSoft software

Bulletin has no description...

SUSE SLES16 Security Update : php8 (SUSE-SU-2026:21612-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21612-1 advisory. This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when...

DEBIAN-CVE-2026-6104

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mbconvertencoding or related mbstring functions, the code incorrectly assumes that when strncasecmp returns 0 it means the strings have the same length. This can lead to...

CVE-2026-6104 Global buffer over-read in mb_convert_encoding() with attacker-supplied encoding

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mbconvertencoding or related mbstring functions, the code incorrectly assumes that when strncasecmp returns 0 it means the strings have the same length. This can lead to...

CVE-2026-6104

creationtimestamp| type| source ---|---|--- 2026-05-08 08:02:13+00:00| seen| https://bsky.app/profile/slackers.it/post/3mldbcb5xiz22 2026-05-10 07:09:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mli7cpqapq2k 2026-05-11 12:10:08+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2026-6104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mbconvertencoding or related mbstri...

RHCOS 4 : OpenShift Container Platform 4.14.34 (RHSA-2024:4963)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4963 advisory. - go-retryablehttp: url might write sensitive information to log file CVE-2024-6104 - gorilla/schema: Potential memory exhaustion...

RHCOS 4 : OpenShift Container Platform 4.17.0 (RHSA-2024:3722)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3722 advisory. - go-retryablehttp: url might write sensitive information to log file CVE-2024-6104 - golang: archive/zip: Incorrect handling of...

RHCOS 4 : OpenShift Container Platform 4.16.5 (RHSA-2024:4858)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4858 advisory. - go-retryablehttp: url might write sensitive information to log file CVE-2024-6104 - gorilla/schema: Potential memory exhaustion...

CVE-2021-27956

Zoho ManageEngine ADSelfService Plus before 6104 allows stored XSS on the /webclient/index.html/directory-search user search page via the e-mail address field...

TencentOS Server 4: skopeo (TSSA-2025:0634)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0634 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 4: grafana (TSSA-2025:0323)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0323 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

EUVD-2024-2173

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-6104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable information disclosure vulnerability exists in the getdnodeofdata functionality of F2fs- Tools F2fs.Fsck 1.13. A specially crafted f2fs filesyste...

Security Bulletin: IBM Financial Transaction Manager is impacted by multiple vulnerabilities in RedHat Proxy for Kubernetes RBAC authorization

Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2024-45338 DESCRIPTION: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in...

CVE-2025-6104

creationtimestamp| type| source ---|---|--- 2025-06-16 04:02:17+00:00| published-proof-of-concept| Telegram/IWgL-7hijIDfZWh3thMsnAy1768rz69pWolDkfnZ1T6kfIs 2025-06-16 04:04:08+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114691057117107590 2025-06-16 07:17:50+00:00| seen|...

CVE-2025-6104 Wifi-soft UniBox Controller pms_check.php os command injection

A vulnerability, which was classified as critical, was found in Wifi-soft UniBox Controller up to 20250506. This affects an unknown part of the file /billing/pmscheck.php. The manipulation of the argument ipaddress leads to os command injection. It is possible to initiate the attack remotely. The...

CVE-2025-6104 Wifi-soft UniBox Controller pms_check.php os command injection

A vulnerability, which was classified as critical, was found in Wifi-soft UniBox Controller up to 20250506. This affects an unknown part of the file /billing/pmscheck.php. The manipulation of the argument ipaddress leads to os command injection. It is possible to initiate the attack remotely. The...

Fedora: Security Advisory (FEDORA-2024-8669c2a944)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-f6f91d983c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...