63 matches found
CVE-2026-6396
creationtimestamp| type| source ---|---|--- 2026-04-22 12:58:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk3kfevktc2h 2026-04-25 16:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mkdhrt47wy24...
CVE-2026-6396
CVE-2026-6396 concerns the WordPress plugin “Fast & Fancy Filter – 3F” (versions up to and including 1.2.2). The issue arises from missing nonce verification in the saveFields() function, which handles the fff_save_settins AJAX action. This design flaw allows unauthenticated attackers to forge re...
RHSA-2026:6396 Red Hat Security Advisory: freerdp security update
Bulletin has no description...
CGA-XC4V-6396-79V2
Bulletin has no description...
CVE-2025-6396
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Webbeyaz Website Design Website Software allows Cross-Site Scripting XSS.This issue affects Website Software: through 2025.07.14...
CVE-2025-6396
creationtimestamp| type| source ---|---|--- 2025-09-26 14:52:36+00:00| seen| Telegram/NpfqsXCWhFhyogT-SKjnrYfGdz2-RRlr1SdI36XbVlloSyQ...
CVE-2024-6396
A vulnerability in the backuprun function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the runhash and repo.path parameters, which can be manipulated to create an...
Cisco NX-OS Resource Management Errors (CVE-2012-6396)
Cisco NX-OS on Nexus 7000 series switches does not properly handle certain line-card replacements, which might allow remote authenticated users to cause a denial of service memory consumption via a crafted configuration that references interfaces that do not exist on the new card, aka Bug ID...
CVE-2024-6396
creationtimestamp| type| source ---|---|--- 2024-07-12 02:41:34+00:00| seen| https://t.me/cvedetector/700 2025-02-01 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-02-01 2025-02-06 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilitie...
CVE-2024-6396
A vulnerability in the backuprun function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the runhash and repo.path parameters, which can be manipulated to create an...
CVE-2024-6396
An vulnerability in the _backup_run function of aimhubio/aim 3.19.3 allows remote attackers to manipulate run_hash and repo.path to create/write arbitrary files on the host and exfiltrate data, with potential for denial of service, data loss, or remote code execution. Confirmed by connected sourc...
CVE-2023-6396
Unknown description...
UBUNTU-CVE-2023-6396
Unknown description...
CVE-2023-6396
GitLab CE/EE is affected by CVE-2023-6396 due to XSS and ReDoS in Markdown via the Banzai pipeline when a member has admin_group_member permission, potentially allowing escalation (e.g., adding members with higher roles) and exposure of internal project details. The issue is tied to a bypass of C...
CVE-2023-6396
Removed by vendor...
Ubuntu 18.04 ESM : Linux kernel (KVM) vulnerabilities (USN-6396-2)
The remote Ubuntu 18.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6396-2 advisory. It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread....
Ubuntu: Security Advisory (USN-6396-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2013-6396
The OpenStack Python client library for Swift python-swiftclient 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
SUSE CVE-2020-6396
Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
Mageia: Security Advisory (MGASA-2020-0123)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...