111 matches found
MiracleLinux 9 : thunderbird-115.5.0-1.el9_3.ML.1 (AXSA:2023-7213:32)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-7213:32 advisory. Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204); Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205); Mozilla:...
TencentOS Server 2: thunderbird (TSSA-2023:0315)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0315 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
OESA-2025-2591 firefox security update
Security Fixes: Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal /../ part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox 120, Firefox ESR 115.5.0, and...
RHSA-2023:6209
creationtimestamp | type | source
---|---|---
2025-08-30 06:21:38+00:00 | seen | Telegram/lOFt5OLRJAlPr0fi7wLfL3uH0aeFsM3K6cjq5vC3j0BK7Y
2025-08-30 06:21:43+00:00 | seen | Telegram/P8pyY9lc8PIEFYzT3svv95IP2wt6qT0Fm2k3Gq38JxO-o...
CVE-2025-6209
A path traversal vulnerability was found in run-llama/llama_index. This vulnerability allows an attacker to manipulate the image_path input to read files on the server. File access is limited to those files that the running process has permission to read. Mitigation: Mitigation for this issue is...
CVE-2025-6209
creationtimestamp | type | source
---|---|---
2025-07-07 15:47:06+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3ltf52razbk2m...
aider-chat (=0.43.0), aimon-llamaindex (>=0.0.6 <=0.0.9) +686 more potentially affected by CVE-2025-6209 via llama-index-core (>=0.10.0 <=0.12.39)
llama-index-core PYPI version =0.10.0, =0.0.6, =1.1.0, =3.0.0, =1.7.0, =1.0.0, =0.0.3, =0.2.1, =0.2.1.dev0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.1.0, =0.4.0.dev2 and more Source cves: CVE-2025-6209 Source advisory: SNYK:PYTHON-LLAMAINDEXCORE-10648998...
aiqtoolkit-llama-index (>=1.1.0 <=1.2.0rc4), airunner (>=3.0.0 <=3.1.14) +45 more potentially affected by CVE-2025-6209 via llama-index (>=0.10.0 <=0.12.38)
llama-index PYPI version =0.10.0, =1.1.0, =3.0.0, =1.0.5, =1.7.0, =0.2.53, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =0.0.61 - intelligent-engine-core =0.1.0 - jiuwen-opensource =0.0.3 and more Source cves: CVE-2025-6209 Source advisory: SNYK:PYTHON-LLAMAINDEX-10648999...
CVE-2025-6209 Arbitrary File Read through Path Traversal in run-llama/llama_index
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0.12.40, specifically within the encode_image function in generic_utils.py. This vulnerability allows an attacker to manipulate the image_path input to read arbitrary files on the server, including sensitive syste...
CVE-2025-6209
CVE-2025-6209: Path traversal in run-llama/llama_index affects versions 0.12.27–0.12.40, in encode_image() of generic_utils.py, allowing reading arbitrary server files via image_path input. Root cause is insufficient path validation/sanitization. Fixed in 0.12.41; remediation is upgrade to 0.12.4...
TencentOS Server 3: thunderbird (TSSA-2023:0307)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0307 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: firefox (TSSA-2023:0308)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0308 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2016-6209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting (XSS) vulnerability in Nagios. (CVE-2016-6209) Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL...
CVE-2020-6209
SAP Disclosure Management, version 10.1, does not perform necessary authorization checks for an authenticated user, allowing access to administration accounts by a user with no roles, leading to Missing Authorization Check...
CVE-2024-6209
creationtimestamp | type | source
---|---|---
2024-07-05 14:10:00+00:00 | seen | https://t.me/cvedetector/94
2024-07-08 09:52:00+00:00 | seen | https://t.me/HackingInsights/5199
2024-11-05 16:30:05+00:00 | exploited | https://t.me/truesecator/6397
2025-01-07 11:00:00+00:00 | seen | ...
CVE-2024-6209
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to access files unauthorized...
CVE-2024-6209 unauthorized file access
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to access files unauthorized...
CVE-2024-6209
CVE-2024-6209 affects ABB ASPECT family (Enterprise, NEXUS, MATRIX) up to v3.08.01. Pre-authentication directory traversal and input handling flaws in the web server enable unauthorized file access, with exploit paths such as databasefiledelete.php potentially allowing arbitrary file deletion (an...
CVE-2024-6209 unauthorized file access
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to access files unauthorized...
RHEL 6 : nagios (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nagios: Unsafe ownership change leading to privilege escalation (CVE-2016-8641) - Cross-site scripting (XSS)...