PT-2026-36766

Name of the Vulnerable Software and Affected Versions geniezone affected versions not specified Description A missing permission check allows for a possible local escalation of privilege. This issue can be exploited by a malicious actor who has already obtained the System privilege, and it does n...

RockyLinux 8 : python3.11 (RLSA-2026:6281)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:6281 advisory. python: Python: Command-line option injection in webbrowser.open via crafted URLs CVE-2026-4519 Tenable has extracted the preceding description block directly fro...

Oracle Linux 8 : python3.11 (ELSA-2026-6281)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-6281 advisory. 3.11.13-6.0.1 - Update rpm-macros description Orabug: 36024572 3.11.13-6 - Security fix for CVE-2026-4519 Resolves: RHEL-158028 Tenable has extracted the...

CVE-2025-6281

A vulnerability has been found in OpenBMB XAgent up to 1.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /conv/community. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used...

CVE-2025-6281

A vulnerability has been found in OpenBMB XAgent up to 1.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /conv/community. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used...

CVE-2025-6281

creationtimestamp| type| source ---|---|--- 2025-06-19 21:44:50+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18882 2025-06-20 00:08:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lryqo53l3223...

CVE-2025-6281 OpenBMB XAgent community path traversal

A vulnerability has been found in OpenBMB XAgent up to 1.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /conv/community. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used...

CVE-2013-6281

Cross-site scripting XSS vulnerability in codebase/spreadsheet.php in the Spreadsheet dhtmlxSpreadsheet plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "page" parameter...

CVE-2024-6281 Path Traversal in parisneo/lollms

A path traversal vulnerability exists in the applysettings function of parisneo/lollms versions prior to 9.5.1. The sanitizepath function does not adequately secure the discussiondbname parameter, allowing attackers to manipulate the path and potentially write to important system folders...

CVE-2024-6281 Path Traversal in parisneo/lollms

A path traversal vulnerability exists in the applysettings function of parisneo/lollms versions prior to 9.5.1. The sanitizepath function does not adequately secure the discussiondbname parameter, allowing attackers to manipulate the path and potentially write to important system folders...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Velocity Engine vulnerability (USN-6281-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6281-1 advisory. Alvaro Munoz discovered that Velocity Engine incorrectly handled certain inputs. If a user or an automated system were tricked into openin...

CVE-2020-6281

CVE-2020-6281 affects SAP Business Objects Business Intelligence Platform (BI Launchpad) v4.2. The issue is insufficient encoding of user-controlled inputs, leading to reflected cross-site scripting. The connected documents consistently describe a client-side data validation/encoding problem in B...

Design/Logic Flaw

NVIDIA libnvomx contains a possible out of bounds write due to a improper input validation which could lead to local escalation of privilege. This issue is rated as high. Product: Android. Version: N/A. Android: A-66969318. Reference: N-CVE-2017-6281...

CVE-2017-6281

CVE-2017-6281 affects NVIDIA libnvomx and is described as a possible out-of-bounds write caused by improper input validation, leading to local elevation of privilege. The NVIDIA SHIELD TV advisory lists Libnvomx as the vulnerable component and rates the issue as EoP (High). Affected product: SHIE...

CVE-2012-6281

...

CVE-2012-6281

CVE-2012-6281 entry is rejected and not used according to the Initial Description.

ar15.com XSS vulnerability

Vulnerable URL: http://www.ar15.com/index.html?news=add" Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 19:01 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 6281 VIP website status:| Yes Check ar15.com SSL...

RealVNC 3.3.7 Client Buffer Overflow

No description provided by source. $Id: realvncclient.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

CVE-2013-6281

Cross-site scripting XSS vulnerability in codebase/spreadsheet.php in the Spreadsheet dhtmlxSpreadsheet plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "page" parameter...

CVE-2013-6281

CVE-2013-6281 concerns the WordPress Spreadsheet plugin (dhtmlxSpreadsheet) version 2.0, with a reflected XSS vulnerability in /dhtmlxspreadsheet/codebase/spreadsheet.php via the page parameter. The connected documents confirm the affected component and the underlying issue is input handling that...