Fedora 43 : mingw-qt6-qtsvg (2026-b63645cad6)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b63645cad6 advisory. Backport fix for CVE-2026-6210. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

libQt6Svg6-6.11.0-2.1 on GA media (moderate)

libQt6Svg6-6.11.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10742-1 Rating: moderate Cross-References: CVE-2026-6210 CVSS scores: CVE-2026-6210 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6210 SUSE : 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...

Linux Distros Unpatched Vulnerability : CVE-2026-6210

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the...

CVE-2026-6210

creationtimestamp| type| source ---|---|--- 2026-05-06 13:44:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml6tj2dlhc2r...

CVE-2026-6210

A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the renderer retrieves a node by its id attribute and casts it to QSvgMarker without verifying the node type. A non-marker element such as a...

MiracleLinux 4 : openssh-5.3p1-123.AXS4 (AXSA:2017-2173:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2173:02 advisory. A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use...

EUVD-2003-0099

Malware in sbrugna...

CVE-2025-6210

A vulnerability in the ObsidianReader class of the run-llama/llamaindex repository, specifically in version 0.12.27, allows for hardlink-based path traversal. This flaw permits attackers to bypass path restrictions and access sensitive system files, such as /etc/passwd, by exploiting hardlinks. T...

CVE-2025-6210

A vulnerability in the ObsidianReader class of the run-llama/llamaindex repository, specifically in version 0.12.27, allows for hardlink-based path traversal. This flaw permits attackers to bypass path restrictions and access sensitive system files, such as /etc/passwd, by exploiting hardlinks. T...

CVE-2025-6210 Hardlink-Based Path Traversal in run-llama/llama_index

A vulnerability in the ObsidianReader class of the run-llama/llamaindex repository, specifically in version 0.12.27, allows for hardlink-based path traversal. This flaw permits attackers to bypass path restrictions and access sensitive system files, such as /etc/passwd, by exploiting hardlinks. T...

CVE-2023-6210

When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Firefox 120...

PT-2025-35: Local Privilege Escalation (LPE) in Tunnelblick

The vulnerability was identified in Tunnelblick, versions 3.5beta06 to 6.1beta2. The discovered vulnerability allows an attacker to escalate privileges from a normal user to root. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 22.04.2025 Recommendations: Update to...

Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-6210)

sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is...

Linux Distros Unpatched Vulnerability : CVE-2016-6210

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exis...

SSH Username Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SSH Username Enumeration', 'Description' = %q This module uses a malformed packet or timing attack to enumerate users on an OpenSSH server. The...

CVE-2024-6210

creationtimestamp| type| source ---|---|--- 2024-07-11 05:46:22+00:00| seen| https://t.me/cvedetector/623...

CVE-2024-6210 Duplicator <= 1.5.9 - Full Path Disclosure

The Duplicator plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 1.5.9. This makes it possible for unauthenticated attackers to obtain the full path to instances, which they may be able to use in combination with other vulnerabilities or to simplify...

CVE-2024-6210 Duplicator <= 1.5.9 - Full Path Disclosure

The Duplicator plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 1.5.9. This makes it possible for unauthenticated attackers to obtain the full path to instances, which they may be able to use in combination with other vulnerabilities or to simplify...

USN-6509-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-6206, CVE-2023-6210,...

CVE-2023-6210

When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Firefox 120...