Debian dsa-6271 : gsasl - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6271 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6271-1 [email protected] https://www.debian.org/security/...

Exploit for OS Command Injection in Gnu Bash

CVE-201...

MiracleLinux 3 : bash-3.2-33.AXS3.4 (AXSA:2014-553:01)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-553:01 advisory. Description : The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporat...

MiracleLinux 3 : bash-3.2-33.AXS3.1 (AXSA:2014-548:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-548:01 advisory. Description : The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful...

CVE-2025-6271

A vulnerability, which was classified as problematic, was found in swftools up to 0.9.2. This affects the function wavconvert2mono in the library lib/wav.c of the component wav2swf. The manipulation leads to out-of-bounds read. The attack needs to be approached locally. The exploit has been...

CVE-2025-6271

A vulnerability, which was classified as problematic, was found in swftools up to 0.9.2. This affects the function wavconvert2mono in the library lib/wav.c of the component wav2swf. The manipulation leads to out-of-bounds read. The attack needs to be approached locally. The exploit has been...

CVE-2025-6271

A vulnerability, which was classified as problematic, was found in swftools up to 0.9.2. This affects the function wavconvert2mono in the library lib/wav.c of the component wav2swf. The manipulation leads to out-of-bounds read. The attack needs to be approached locally. The exploit has been...

CVE-2025-6271

creationtimestamp| type| source ---|---|--- 2025-06-19 17:40:55+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18871 2025-06-19 20:18:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrydtjhvsb25...

CVE-2025-6271 swftools wav2swf wav.c wav_convert2mono out-of-bounds

A vulnerability, which was classified as problematic, was found in swftools up to 0.9.2. This affects the function wavconvert2mono in the library lib/wav.c of the component wav2swf. The manipulation leads to out-of-bounds read. The attack needs to be approached locally. The exploit has been...

CVE-2025-6271 swftools wav2swf wav.c wav_convert2mono out-of-bounds

A vulnerability, which was classified as problematic, was found in swftools up to 0.9.2. This affects the function wavconvert2mono in the library lib/wav.c of the component wav2swf. The manipulation leads to out-of-bounds read. The attack needs to be approached locally. The exploit has been...

CVE-2025-6271

The vulnerability CVE-2025-6271 affects swftools up to version 0.9.2, specifically the wav_convert2mono function in lib/wav.c of the wav2swf component. The issue is an out-of-bounds read caused by improper handling, enabling a local attacker to exploit it. Publicly disclosed exploits exist. Remed...

CVE-2020-6271

SAP Solution Manager Problem Context Manager, version 7.2, does not perform the necessary authentication, allowing an attacker to consume large amounts of memory, causing the system to crash and read restricted data files visible for technical administration users of the diagnostics agent...

Qnap QTS Bash OS Command Injection (CVE-2014-6271)

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the modcgi and modcg...

Apache Mod_cgi Bash Environment Variable Injection (Shellshock) Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache modcgi Bash Environment Variable Injection Shellshock Scanner', 'Description' = %q This module scans for the Shellshock vulnerability, a...

CVE-2024-6271

creationtimestamp| type| source ---|---|--- 2024-07-22 09:26:55+00:00| seen| https://t.me/cvedetector/1385...

CVE-2024-6271 Community Events < 1.5 - Event Deletion via CSRF

The Community Events WordPress plugin before 1.5 does not have CSRF check in place when deleting events, which could allow attackers to make a logged in admin delete arbitrary events via a CSRF attack...

CVE-2024-6271 Community Events < 1.5 - Event Deletion via CSRF

The Community Events WordPress plugin before 1.5 does not have CSRF check in place when deleting events, which could allow attackers to make a logged in admin delete arbitrary events via a CSRF attack...

CVE-2024-6271

CVE-2024-6271 affects Community Events WordPress plugin prior to 1.5. The vulnerability is due to a missing CSRF check when deleting events, allowing a CSRF attack to cause a logged-in admin to delete arbitrary events. No exploitation details are provided in the documents. Remediation: upgrade to...

CVE-2023-6271

creationtimestamp| type| source ---|---|--- 2024-01-01 16:26:26+00:00| seen| https://t.me/ctinow/161364 2024-01-02 01:31:10+00:00| seen| https://t.me/cibsecurity/74091...

CVE-2023-6271

The Backup Migration WordPress plugin before 1.3.6 stores in-progress backups information in easy to find, publicly-accessible files, which may allow attackers monitoring those to leak sensitive information from the site's backups...