CVE-2026-6249

creationtimestamp| type| source ---|---|--- 2026-04-20 20:23:33+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjxcdboxxr2c 2026-04-20 21:22:19+00:00| published-proof-of-concept| Telegram/OLcxrKJ5zAhCDZ5T6GCelVBzr2kWns3QejwnSLKnpZyw...

CVE-2026-6249

Vvveb CMS 1.0.8.2 contains a remote code execution vulnerability in its media upload handler that allows authenticated attackers to execute arbitrary operating system commands by uploading a PHP webshell with a .phtml extension. Attackers can bypass the extension deny-list and upload malicious...

CVE-2025-6249

creationtimestamp| type| source ---|---|--- 2025-07-17 20:27:15+00:00| seen| Telegram/R54zemdGqB5WwzWMFjbfrFETH7hScuL9KCgnwRyP-Fu0dY...

CVE-2020-6249

The use of an admin backend report within SAP Master Data Governance, versions - S4CORE 101, S4FND 102, 103, 104, SAPBSFND 748; allows an attacker to execute crafted database queries, exposing the backend database, leading to SQL Injection...

CVE-2023-6249

creationtimestamp| type| source ---|---|--- 2024-02-18 09:26:52+00:00| seen| https://t.me/ctinow/187189 2024-02-18 09:26:53+00:00| seen| https://t.me/ctinow/187191 2024-03-08 10:22:11+00:00| seen| https://t.me/ctinow/203196...

CVE-2023-6249

Signed to unsigned conversion esp32ipmsend...

CVE-2023-6249 ipm: signed to unsigned conversion problem in esp32_ipm_send

Signed to unsigned conversion esp32ipmsend...

CVE-2023-6249 ipm: signed to unsigned conversion problem in esp32_ipm_send

Signed to unsigned conversion esp32ipmsend...

CVE-2023-6249

CVE-2023-6249 affects the Zephyr RTOS component esp32_ipm_send. The root cause is a signed-to-unsigned conversion that can cause a buffer overflow in esp32_ipm_send (as described by Veracode), elevating risk for affected builds. Public documents describe a buffer overflow condition but do not spe...

RHEL 7 : .NET 6.0 (RHSA-2023:6249)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6249 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6249-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6249-1 advisory. Ruihan Li discovered that the memory management subsystem in the Linux kernel contained a race condition when accessing VMAs in certain conditions, leadi...

CVE-2020-6249

The use of an admin backend report within SAP Master Data Governance, versions - S4CORE 101, S4FND 102, 103, 104, SAPBSFND 748; allows an attacker to execute crafted database queries, exposing the backend database, leading to SQL Injection...

CVE-2020-6249

The CVE-2020-6249 entry describes a SQL injection vulnerability in SAP Master Data Governance (MDG) where the admin backend report enables an attacker to craft database queries that expose the backend database. Affected components include MDG in SAP S4CORE 101, S4FND 102–104, SAP_BS_FND 748. The ...

site.irko.com.br Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1098705 Security Researcher haxmov Helped patch 543 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting site.irko.com.br website and...

Hucart CMS 5.7.4 - Cross-Site Request Forgery (Add Administrator Account)

Hucart CMS 5.7.4 - Cross-Site Request Forgery Add Administrator Account function posturl,fields var p = document.createElement"form"; p.action = url; p.innerHTML = fields; p.target = "self"; p.method = "post"; document.body.appendChildp; p.submit; function csrfhack var fields; fields += ""; field...

Hucart CMS 5.7.4 - Cross-Site Request Forgery (Add Administrator Account)

function posturl,fields var p = document.createElement"form"; p.action = url; p.innerHTML = fields; p.target = "self"; p.method = "post"; document.body.appendChildp; p.submit; function csrfhack var fields; fields += ""; fields += ""; fields += ""; fields += ""; fields += ""; fields += ""; fields ...

CVE-2019-6249

CVE-2019-6249 : HuCart v5.7.4 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows an attacker to add an administrator account via the request /adminsys/index.php?load=admins&act=edit_info&act_type=add. This affects HuCart 5.7.4 as described in multiple sources (NVD entry and CN...

NVIDIA Graphics Driver Multiple Vulnerabilities - Lenovo Support US

No description provided...

NVIDIA Linux GPU Display Driver Multiple Vulnerabilities

The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid111107; scriptversion"1.5";...

DEBIAN-CVE-2018-6249

NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges...