74 matches found
CVE-2026-6120
A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public a...
CVE-2026-6120
creationtimestamp| type| source ---|---|--- 2026-04-12 06:58:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjbrllzwu22x 2026-04-12 07:07:53+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mjbs56pkt22r 2026-04-12 07:15:59+00:00| published-proof-of-concept|...
DSA-6120-1 tomcat10 - security update
Bulletin has no description...
CVE-2025-6120
creationtimestamp| type| source ---|---|--- 2025-06-16 12:42:55+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18447...
CVE-2025-6120
A vulnerability classified as critical was found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function readmeshes in the library assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to heap-based buffer overflow. It is possible to...
CVE-2025-6120 Open Asset Import Library Assimp HL1MDLLoader.cpp read_meshes heap-based overflow
A vulnerability classified as critical was found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function readmeshes in the library assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to heap-based buffer overflow. It is possible to...
CVE-2025-6120
CVE-2025-6120 affects the Open Asset Import Library (Assimp) up to 5.4.3. The vulnerability is in the HL1MDLLoader.cpp path (assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp) within the read_meshes function, causing a heap-based buffer overflow. It can be triggered on the local host, and the ex...
CVE-2025-6120 Open Asset Import Library Assimp HL1MDLLoader.cpp read_meshes heap-based overflow
A vulnerability classified as critical was found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function readmeshes in the library assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to heap-based buffer overflow. It is possible to...
CVE-2024-6120
The Sparkle Demo Importer plugin for WordPress is vulnerable to unauthorized database reset and demo data import due to a missing capability check on the multiple functions in all versions up to and including 1.4.7. This makes it possible for authenticated attackers, with Subscriber-level access...
CVE-2020-6120
SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The fn parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
WordPress Sparkle Demo Importer Plugin <= 1.4.7 is vulnerable to Broken Access Control
Software Sparkle Demo Importer Type Plugin Vulnerable versions = 1.4.7 Fixed in 1.4.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6120 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 65191ad4a953 Credits Lucio Sá Required...
CVE-2019-6120
creationtimestamp| type| source ---|---|--- 2024-02-05 12:16:10+00:00| seen| Telegram/nDX4gcSlxo6VMZVdcrJGfTvV6rQfo8f2nPBUQKcCAhr8lVQ...
CVE-2023-6120
creationtimestamp| type| source ---|---|--- 2024-01-01 06:51:31+00:00| seen| https://t.me/ctinow/161204...
WordPress Welcart e-Commerce Plugin <= 2.9.6 is vulnerable to Path Traversal
Software Welcart e-Commerce Type Plugin Vulnerable versions = 2.9.6 Fixed in 2.9.7 OWASP Top 10 A5: Security Misconfiguration Classification Path Traversal CVE CVE-2023-6120 Patch priority Medium CVSS severity Medium 4.1 Developer Claim ownership PSID 545792f26683 Credits Marco Wotschka Required...
CVE-2023-6120
The Welcart e-Commerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.9.6 via the uploadcertificatefile function. This makes it possible for administrators to upload .pem or .crt files to arbitrary locations on the server...
CVE-2023-6120
CVE-2023-6120 (Welcart e-Commerce, WordPress) is a directory-traversal vulnerability in the plugin’s upload_certificate_file function, affecting all versions up to and including 2.9.6. An authenticated administrator can upload .pem or .crt files to arbitrary server locations, enabling potential f...
Rocky Linux 9 : nginx:1.22 (RLSA-2023:6120)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:6120 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wil...
RHEL 9 : nginx:1.22 (RHSA-2023:6120)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6120 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...
SUSE CVE-2007-6448
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6120. Reason: This candidate is a duplicate of CVE-2007-6120. Notes: All CVE users should reference CVE-2007-6120 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...
SUSE CVE-2018-6120
An integer overflow that could lead to an attacker-controlled heap out-of-bounds write in PDFium in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...