47 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-6147
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a local attacker to obtain potentially sensitive information...
CVE-2025-6147
A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack c...
CVE-2025-6147
creationtimestamp| type| source
---|---|---
2025-06-17 00:32:47+00:00| published-proof-of-concept| Telegram/1YjoRTNXMY4RH6kXSKEWMrI4TetFUtva-ZdtH-4HJXYyJM
2025-06-17 03:58:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrrm4qwjlc2r...
CVE-2025-6147 TOTOLINK A702R HTTP POST Request formSysLog buffer overflow
A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack c...
CVE-2025-6147
CVE-2025-6147 affects TOTOLINK A702R firmware 4.0.0-B20230721.1521. The vulnerability resides in the HTTP POST Request Handler’s file path /boafrm/formSysLog, where manipulating the submit-url argument can cause a buffer overflow. It is remotely exploitable and, according to the CVE metrics, the ...
CVE-2020-6147
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow...
Oracle Linux 9 : nodejs:18 (ELSA-2024-6147)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6147 advisory. nodejs 1:18.20.4-1 - Update to 18.20.4 Fixes: CVE-2024-22020 CVE-2024-28863 nodejs-nodemon nodejs-packaging Tenable has extracted the preceding...
CVE-2024-6147
Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged code on the target system in order ...
CVE-2024-6147 Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability
Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged code on the target system in order ...
CVE-2023-6147
creationtimestamp| type| source
---|---|---
2024-01-09 09:26:22+00:00| seen| https://t.me/ctinow/164872
2024-01-26 08:36:15+00:00| seen| https://t.me/ctinow/174046
2024-01-26 18:01:40+00:00| seen| https://t.me/arpsyndicate/3024...
CVE-2023-6147
Qualys Jenkins Plugin for Policy Compliance version 1.0.5 and earlier was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs...
CVE-2023-6147 Possible XXE vulnerability in Jenkins Plugin for Qualys Policy Compliance
Qualys Jenkins Plugin for Policy Compliance version 1.0.5 and earlier was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs...
CVE-2023-6147
The connected documents corroborate CVE-2023-6147 affecting the Qualys Jenkins Plugin for Policy Compliance (versions up to 1.0.5). The root cause is a missing permission check during a connectivity test to Qualys Cloud Services, which allowed any user with login and job-configuration access to p...
Ubuntu 22.04 LTS / 23.04 : SpiderMonkey vulnerability (USN-6147-1)
The remote Ubuntu 22.04 LTS / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6147-1 advisory. Several security issues were discovered in the SpiderMonkey JavaScript library. If a user were tricked into opening malicious JavaScript applications or...
SUSE CVE-2018-6147
Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a local attacker to obtain potentially sensitive information from process memory via a local process...
Mageia: Security Advisory (MGASA-2018-0268)
The remote host is missing an update for the...
CVE-2020-6147
creationtimestamp| type| source
---|---|---
2020-11-13 18:33:53+00:00| seen| https://t.me/cibsecurity/16299...