ECHO-EA81-22AA-6506

Bulletin has no description...

CVE-2026-6506

creationtimestamp| type| source ---|---|--- 2026-05-14 08:30:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlsfmrqirb2t 2026-05-14 09:12:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlshytfeay2n...

CVE-2026-6506

The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.1.2. This is due to the infusedwoogdprupddata function missing authorization and capability checks, as well as lacking restrictions on which user meta keys can be updated. This...

MiracleLinux 3 : java-1.6.0-openjdk-1.6.0.33-1.13.5.0.0.1.AXS3 (AXSA:2014-598:04)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-598:04 advisory. Description : The OpenJDK runtime environment. Security issues fixed with this release: CVE-2014-6457 CVE-2014-6502 CVE-2014-6504 CVE-2014-6506...

EUVD-2018-9403

Malware in sbrugna...

CVE-2023-6506

The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.5.0 via the sendbackupcodesemail due to missing validation on a user controlled key. This makes it possible for subscriber-level...

Linux Distros Unpatched Vulnerability : CVE-2016-6506

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service...

CVE-2024-6506

creationtimestamp| type| source ---|---|--- 2024-07-04 16:00:34+00:00| seen| https://t.me/cvedetector/53...

Malicious code in wlwz-2312-6506 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7aea22472e70a964e13cab36afaced4e3acd063cd17957600a0f42dc8183216d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-6506

creationtimestamp| type| source ---|---|--- 2024-01-11 08:31:29+00:00| seen| https://t.me/ctinow/166355 2024-01-23 14:56:41+00:00| seen| https://t.me/ctinow/172004...

CVE-2023-6506

The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.5.0 via the sendbackupcodesemail due to missing validation on a user controlled key. This makes it possible for subscriber-level...

CVE-2023-6506

The CVE-2023-6506 entry concerns the WP 2FA – Two-factor authentication for WordPress plugin. Affected: WP 2FA, versions up to and including 2.5.0. Issue: insecure direct object reference (IDOR) via send_backup_codes_email caused by missing validation on a user-controlled key, enabling subscriber...

CVE-2023-6506 WP 2FA <= 2.5.0 - Insecure Direct Object Reference to Arbitrary Email Sending

The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.5.0 via the sendbackupcodesemail due to missing validation on a user controlled key. This makes it possible for subscriber-level...

WordPress WP 2FA Plugin <= 2.5.0 is vulnerable to Insecure Direct Object References (IDOR)

Software WP 2FA Type Plugin Vulnerable versions = 2.5.0 Fixed in 2.6.0 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-6506 Patch priority Low CVSS severity Low 4.3 Developer Melapress PSID 04c088b10b91 Credits Ulyses Saicha Required...

Ubuntu: Security Advisory (USN-6506-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Apache HTTP Server vulnerabilities (USN-6506-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6506-1 advisory. David Shoon discovered that the Apache HTTP Server modmacro module incorrectly handled certain memory operations. A remote...

SUSE CVE-2006-6506

The "Feed Preview" feature in Mozilla Firefox 2.0 before 2.0.0.1 sends the URL of the feed when requesting favicon.ico icons, which results in a privacy leak that might allow feed viewing services to determine browsing habits...

SUSE CVE-2014-6506

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...

SUSE CVE-2020-6506

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page...

Moderate: Red Hat Security Advisory: openvswitch2.16 security update

An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...