CVE-2026-6126

A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit has been made...

CVE-2026-6126

creationtimestamp| type| source ---|---|--- 2026-04-12 12:44:53+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mjcexr3jzj22 2026-04-12 13:15:23+00:00| published-proof-of-concept| Telegram/MAArghuJr9V3EBWp3NdbOgL0SAw37FjqzKr6qVSads5vX0...

CVE-2026-6126

CVE-2026-6126 affects zhayujie chatgpt-on-wechat CowAgent 2.0.4. The weakness resides in an unknown function of the Administrative HTTP Endpoint, leading to missing authentication. It can be triggered remotely, and the exploit has been made public. Multiple sources note that the project was alert...

MiracleLinux 9 : cockpit-323.1-1.el9.ML.1 (AXSA:2024-9119:16)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9119:16 advisory. cockpit: Authenticated user can kill any process when enabling pamenv's userreadenv option CVE-2024-6126 Tenable has extracted the preceding description bloc...

Mozilla Firefox < 60.0.2

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 60.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2018-14 advisory. - A heap buffer overflow can occur in the Skia library when rasterizing paths using a maliciously crafted SVG file wit...

Mozilla Firefox ESR < 52.8.1

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 52.8.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2018-14 advisory. - A heap buffer overflow can occur in the Skia library when rasterizing paths using a maliciously crafted SVG file...

Mozilla Firefox ESR < 60.0.2

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 60.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2018-14 advisory. - A heap buffer overflow can occur in the Skia library when rasterizing paths using a maliciously crafted SVG file...

Mozilla Firefox ESR < 52.8.1

The version of Firefox ESR installed on the remote Windows host is prior to 52.8.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2018-14 advisory. - A heap buffer overflow can occur in the Skia library when rasterizing paths using a maliciously crafted SVG file with...

Mozilla Firefox < 60.0.2

The version of Firefox installed on the remote Windows host is prior to 60.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2018-14 advisory. - A heap buffer overflow can occur in the Skia library when rasterizing paths using a maliciously crafted SVG file with...

CVE-2024-6126

creationtimestamp| type| source ---|---|--- 2025-09-03 00:24:24+00:00| seen| Telegram/CY3OFS379ZN3jvWkyBSoC4sNpT9lrTYwxnJIh1Tvpvo6wTw...

CVE-2025-6126

A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /contact.php. The manipulation of the argument Name leads to cross site scripting. The attack can be launched...

CVE-2025-6126

A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /contact.php. The manipulation of the argument Name leads to cross site scripting. The attack can be launched...

CVE-2025-6126

creationtimestamp| type| source ---|---|--- 2025-06-16 14:56:23+00:00| seen| https://bsky.app/profile/potato.software/post/3lrqagqinbe2x 2025-06-16 16:36:07+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18471...

CVE-2025-6126 PHPGurukul Rail Pass Management System contact.php cross site scripting

A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /contact.php. The manipulation of the argument Name leads to cross site scripting. The attack can be launched...

CVE-2025-6126 PHPGurukul Rail Pass Management System contact.php cross site scripting

A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /contact.php. The manipulation of the argument Name leads to cross site scripting. The attack can be launched...

CVE-2025-6126

CVE-2025-6126 — PHPGurukul Rail Pass Management System 1.0 has a cross-site scripting vulnerability in the unknown-functionality of the file /contact.php. The vulnerability is triggered by manipulating the Name parameter, enabling remote attackers to inject scripts. Public exploits exist; multipl...

Mageia: Security Advisory (MGASA-2025-0181)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RLSA-2024:9325 Low: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: Authenticated user can kill any process when enabling...

cockpit security update

An update is available for cockpit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...

Linux Distros Unpatched Vulnerability : CVE-2024-6126

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pamenv's userreadenv option, which leads t...