GHSA-P768-C3PR-6459 vulnerabilities

Vulnerabilities for packages: temporal...

Linux Distros Unpatched Vulnerability : CVE-2019-6459

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNU Recutils 1.8. There is a memory leak in recextracttype in rec-utils.c in librec.a. CVE-2019-6459 Note that Nessus relies on the...

CVE-2025-6459

creationtimestamp| type| source ---|---|--- 2025-07-02 09:00:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsxtzmk6mg2i...

WordPress Ads Pro plugin <= 4.89 - Cross-Site Request Forgery to PHP Code Injection in bsaCreateAdTemplate vulnerability

Cross-Site Request Forgery to PHP Code Injection in bsaCreateAdTemplate vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Ads Pro versions = 4.89...

CVE-2024-6459

The News Element Elementor Blog Magazine WordPress plugin before 1.0.6 is vulnerable to Local File Inclusion via the template parameter. This makes it possible for unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files...

CVE-2023-6459 vulnerabilities

Vulnerabilities for packages: mattermost-fips...

USN-7137-1 recutils vulnerabilities

It was discovered that recutils incorrectly handled memory when parsing comments with the recparser utility. An attacker could possibly use this issue to cause a denial of service or run arbitrary commands. CVE-2021-46019, CVE-2021-46021, CVE-2021-46022 It was discovered that recutils incorrectly...

CVE-2024-6459 News Element Elementor Blog Magazine < 1.0.6 - Unauthenticated LFI

The News Element Elementor Blog Magazine WordPress plugin before 1.0.6 is vulnerable to Local File Inclusion via the template parameter. This makes it possible for unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files...

WordPress News Element Elementor Blog Magazine Plugin < 1.0.6 is vulnerable to Local File Inclusion

Software News Element Elementor Blog Magazine Type Plugin Vulnerable versions 1.0.6 Fixed in 1.0.6 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-6459 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 9cdb1b21de6f Credits Project Black Required...

CVE-2023-6459

creationtimestamp| type| source ---|---|--- 2023-12-30 08:01:51+00:00| seen| https://t.me/ctinow/160778...

CVE-2023-6459

Mattermost is grouping calls in the /metrics endpoint by id and reports that id in the response. Since this id is the channelID, the public /metrics endpoint is revealing channelIDs...

CVE-2023-6459

Mattermost CVE-2023-6459 affects the /metrics endpoint. The vulnerability arises because calls are grouped by id and report that id in the response, where id corresponds to channelID, causing the public /metrics endpoint to disclose channelIDs. The available connected records (BIT-MATTERMOST-2023...

CVE-2023-6459 Public endpoint /metrics of Calls plugin reveals channel IDs

Mattermost is grouping calls in the /metrics endpoint by id and reports that id in the response. Since this id is the channelID, the public /metrics endpoint is revealing channelIDs...

CVE-2023-6459 Public endpoint /metrics of Calls plugin reveals channel IDs

Mattermost is grouping calls in the /metrics endpoint by id and reports that id in the response. Since this id is the channelID, the public /metrics endpoint is revealing channelIDs...

Ubuntu: Security Advisory (USN-6459-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0743-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-4714-1 : chromium - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2020-6423 A use-after-free issue was found in the audio implementation. - CVE-2020-6430 Avihay Cohen discovered a type confusion issue in the v8 JavaScript library. - CVE-2020-6431 Luan Herrera discovered a policy...

CVE-2020-6459

Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2020-6459

Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2020-6459

Affected software: Google Chrome (payments implementation). Issue: a use-after-free in payments leads to potential heap corruption. Root cause: use-after-free in the payments code path as described in CVE-2020-6459. Impact: remote attacker could trigger arbitrary behavior via a crafted HTML page;...