121 matches found
CVE-2026-6504
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-14 13:48:06+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mlsxgcb7c62p... |
CVE-2026-20451
In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504...
PT-2026-36769
Name of the Vulnerable Software and Affected Versions: slbc (affected versions not specified). Description: An out-of-bounds write occurs due to type confusion, which is a situation where a program accesses a resource using a type that differs from the type used to create it. This can lead to local...
MiracleLinux 3 : java-1.6.0-openjdk-1.6.0.33-1.13.5.0.0.1.AXS3 (AXSA:2014-598:04)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-598:04 advisory. Description: The OpenJDK runtime environment. Security issues fixed with this release: CVE-2014-6457, CVE-2014-6502, CVE-2014-6504, CVE-2014-6506...
CVE-2025-6504 Possibilities of IP Spoofing via X-Forwarded-For (XFF) Header
In HDP Server versions below 4.6.2.2978 on Linux, unauthorized access could occur via IP spoofing using the X-Forwarded-For header. Since XFF is a client-controlled header, it could be spoofed, allowing unauthorized access if the spoofed IP matched a whitelisted range. This vulnerability could be...
CVE-2024-6504
| creationtimestamp | type | source |
|---|---|---|
| 2024-07-18 13:27:12+00:00 | seen | https://t.me/cvedetector/1149... |
CVE-2024-6504
Rapid7 InsightVM Console exposure (CVE-2024-6504) affects versions prior to 6.6.261. The root cause is a protection mechanism failure that allows an attacker with network access to the Console to overload or crash it by sending repeated invalid REST requests to port 443, triggering an exception h...
CVE-2024-6504 Rapid7 InsightVM Protection Mechanism Failure
Rapid7 InsightVM Console versions below 6.6.260 suffer from a protection mechanism failure whereby an attacker with network access to the InsightVM Console can cause it to overload or crash by sending repeated invalid REST requests in a short timeframe, to the Console's port 443 causing the conso...
Malicious code in wlwz-2312-6504 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29bf7c8ee72f6e6364abd7b7fcdc739c1e8786eac6d0445b7b558afa32dc21a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-6504
| creationtimestamp | type | source |
|---|---|---|
| 2024-01-11 10:26:36+00:00 | seen | https://t.me/ctinow/166426 |
| 2024-01-24 15:46:48+00:00 | seen | https://t.me/ctinow/172848... |
CVE-2023-6504
The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wppbtoolboxusermetahandler function in all versions up to, and including, 3.10.7. This makes it...
WordPress Profile Builder Plugin <= 3.10.7 is vulnerable to Insecure Direct Object References (IDOR)
Software: Profile Builder; Type: Plugin; Vulnerable versions: <= 3.10.7; Fixed in: 3.10.8; OWASP Top 10: A1: Broken Access Control; Classification: Insecure Direct Object References (IDOR); CVE: CVE-2023-6504; Patch priority: Low; CVSS severity: Low (4.3); Developer: Claim ownership; PSID: 4a72357868f4; Credits: Francesco...
Ubuntu 22.04 LTS / 23.04 / 23.10 : tracker-miners vulnerability (USN-6504-1)
The remote Ubuntu 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6504-1 advisory. It was discovered that tracker-miners incorrectly handled sandboxing. If a second security issue was discovered in tracker-miners, an attacker cou...
SUSE CVE-2014-6504
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Hotspot...
SUSE CVE-2017-6504
WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header, which could potentially lead to clickjacking...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Tivoli Storage Productivity Center October 2014 CPU
Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM Tivoli Storage Productivity Center. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption (POODLE) SSLv3 vulnerability (CVE-2014-3566). These issues were disclosed as par...
br.net.woodstock.rockframework:rockframework-web (>=1.2.1 <=1.2.2), info.kfgodel:bean2bean (>=1.1.5 <=1.1.6) +27 more potentially affected by CVE-2008-6504 via com.opensymphony:xwork (>=2.1.0 <=2.1.1)
com.opensymphony:xwork MAVEN version =2.1.0, =1.2.1, =1.1.5, =1.1.6 - net.sf.fastupload:fastupload-core =0.4.7 - org.apache.struts:struts2-apps =2.1.2 - org.apache.struts:struts2-blank =2.1.2 - org.apache.struts:struts2-codebehind-plugin =2.1.2 - org.apache.struts:struts2-config-browser-plugin...
com.github.yujiaao:jmesa (>=4.0.1 <=4.1.3), com.microsoft.azure:applicationinsights-web (>=0.9.2 <=2.4.0-BETA) +23 more potentially affected by CVE-2008-6504 via com.opensymphony:xwork (>=2.0.4 <=2.0.5)
com.opensymphony:xwork MAVEN version =2.0.4, =4.0.1, =0.9.2, =2.0.9, =2.0.9, =2.0.9, =2.0.9, =2.0.9, =2.0.9, =2.0.9, =2.0.9, =2.0.9, =2.0.9, =2.0.9, =2.0.9, =2.0.11.2 and more Source cves: CVE-2008-6504 Source advisory: OSV:GHSA-WXW2-2MX5-C5QF...
Mageia: Security Advisory (MGASA-2014-0422)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2016:2212-1)
The remote host is missing an update for the...