DEBIAN-CVE-2026-6526

RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4...

CVE-2026-6526

RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4...

CVE-2026-6526

The CVE-2026-6526 entry concerns a NULL pointer dereference in the RTSP protocol dissector of Wireshark, affecting versions 4.6.0 through 4.6.4. This crash is the defined impact, with CVSSv3.1 metrics indicating Local attack vector, Low attack complexity, requiring user interaction, and a High av...

CVE-2026-6526 NULL Pointer Dereference in Wireshark

RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4...

CVE-2025-6526

CVE-2025-6526 affects 70mai M300 up to 20250611, specifically the HTTP Server component. The vulnerability arises from insufficient protection of credentials, enabling an attack that can be performed from within the local network. The documented attack complexity is high and exploitation is descr...

CVE-2025-6526 70mai M300 HTTP Server insufficiently protected credentials

A vulnerability, which was classified as problematic, has been found in 70mai M300 up to 20250611. This issue affects some unknown processing of the component HTTP Server. The manipulation leads to insufficiently protected credentials. The attack can only be done within the local network. The...

CVE-2024-6526

A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03. This affects an unknown part. The manipulation of the argument searchtitle/catName/sub/name/categorie leads to cross site scripting. It is possib...

CVE-2023-6526

The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This make...

CVE-2024-6526

creationtimestamp| type| source ---|---|--- 2024-07-05 16:40:32+00:00| seen| https://t.me/cvedetector/101...

CVE-2023-6526

creationtimestamp| type| source ---|---|--- 2024-02-29 09:56:51+00:00| seen| https://t.me/ctinow/196422...

WordPress Meta Box – WordPress Custom Fields Framework Plugin <= 5.9.2 is vulnerable to Cross Site Scripting (XSS)

Software Meta Box – WordPress Custom Fields Framework Type Plugin Vulnerable versions = 5.9.2 Fixed in 5.9.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6526 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 03fafb4798e5...

CVE-2023-6526 Meta Box – WordPress Custom Fields Framework <= 5.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This make...

CVE-2023-6526

CVE-2023-6526 affects the WordPress plugin Meta Box – WordPress Custom Fields Framework . The vulnerability is a Stored Cross-Site Scripting (XSS) via custom post meta values rendered by the plugin’s shortcode, present in all versions up to and including 5.9.2. The root cause is insufficient inpu...

Ubuntu: Security Advisory (USN-6526-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : GStreamer Bad Plugins vulnerabilities (USN-6526-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6526-1 advisory. It was discovered that GStreamer Bad Plugins incorrectly handled certain media files. A remote attacker could use this issue ...

Moxa IKS, EDS Missing Encryption of Sensitive Data (CVE-2019-6526)

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...

Fedora 31 : chromium (2020-84d87cbd50)

Just enough time for one more update. Chromium 84. Fixes CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 CVE-2020-6525 CVE-2020-6526...

Fedora 32 : chromium (2020-bf684961d9)

Just enough time for one more update. Chromium 84. Fixes CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 CVE-2020-6525 CVE-2020-6526...

GLSA-202007-08 : Chromium, Google Chrome: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202007-08 Chromium, Google Chrome: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details. Impact : Please review the...

CVE-2020-6526

Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...