CVE-2026-6551

creationtimestamp| type| source ---|---|--- 2026-04-28 23:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mklqnmviap2a 2026-04-29 13:44:53+00:00| seen| https://bsky.app/profile/donwebmedia.bsky.social/post/3mknaapny5o2u...

CVE-2025-6551

A vulnerability was found in java-aodeng Hope-Boot 1.0.0 and classified as problematic. This issue affects the function Login of the file /src/main/java/com/hope/controller/WebController.java. The manipulation of the argument errorMsg leads to cross site scripting. The attack may be initiated...

CVE-2025-6551

creationtimestamp| type| source ---|---|--- 2025-06-24 01:46:56+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19279...

CVE-2025-6551 java-aodeng Hope-Boot WebController.java login cross site scripting

A vulnerability was found in java-aodeng Hope-Boot 1.0.0 and classified as problematic. This issue affects the function Login of the file /src/main/java/com/hope/controller/WebController.java. The manipulation of the argument errorMsg leads to cross site scripting. The attack may be initiated...

CVE-2025-6551 java-aodeng Hope-Boot WebController.java login cross site scripting

A vulnerability was found in java-aodeng Hope-Boot 1.0.0 and classified as problematic. This issue affects the function Login of the file /src/main/java/com/hope/controller/WebController.java. The manipulation of the argument errorMsg leads to cross site scripting. The attack may be initiated...

CVE-2025-6551

The CVE-2025-6551 entry affects java-aodeng Hope-Boot 1.0.0, specifically the Login function in WebController.java. The vulnerability arises from improper handling of the errorMsg argument, enabling cross-site scripting (XSS). The issue is potentially exploitable remotely and, per sources, a publ...

CentOS 6 : chromium-browser (RHSA-2020:3560)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3560 advisory. - Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...

CVE-2024-6551 GiveWP <= 3.15.1 - Unauthenticated Full Path Disclosure

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.15.1. This is due to the plugin utilizing Symfony and leaving displayerrors on within test files. This makes it possible for unauthenticated...

CVE-2024-6551 GiveWP <= 3.15.1 - Unauthenticated Full Path Disclosure

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.15.1. This is due to the plugin utilizing Symfony and leaving displayerrors on within test files. This makes it possible for unauthenticated...

CVE-2023-6551

creationtimestamp| type| source ---|---|--- 2024-01-04 17:26:35+00:00| seen| https://t.me/ctinow/163120 2024-01-05 01:34:54+00:00| seen| https://t.me/cibsecurity/74426 2024-01-24 09:11:56+00:00| seen| https://t.me/ctinow/172589...

CVE-2023-6551 Stored XSS in class.upload.php

As a simple library, class.upload.php does not perform an in-depth check on uploaded files, allowing a stored XSS vulnerability when the default configuration is used. Developers must be aware of that fact and use extension whitelisting accompanied by forcing the server to always provide...

Ubuntu 22.04 LTS / 23.04 / 23.10 : Ghostscript vulnerability (USN-6551-1)

The remote Ubuntu 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6551-1 advisory. It was discovered that Ghostscript incorrectly handled writing TIFF files. A remote attacker could possibly use this issue to cause Ghostscript to...

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilties in GNU C Library

Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in GNU C Library. Vulnerability Details CVEID: CVE-2018-6551 DESCRIPTION: GNU glibc could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the malloc...

Oracle Linux 9 : yajl (ELSA-2023-6551)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6551 advisory. - fix CVE-2023-33460 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

RHEL 9 : yajl (RHSA-2023:6551)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6551 advisory. Yet Another JSON Library YAJL is a small event-driven SAX-style JSON parser written in ANSI C, and a small validating JSON generator. Security Fixes:...

K11274054: GNU C Library vulnerability CVE-2018-6551

Security Advisory Description The malloc implementation in the GNU C Library aka glibc or libc6, from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZEMAX and could return a pointer to a heap region that is smaller...

GLSA-202008-07 : Chromium, Google Chrome: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202008-07 Chromium, Google Chrome: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details. Impact : Please review the...

GHSA-RP9P-863F-9C4H Cross-site Scripting in Apache ActiveMQ

Multiple cross-site scripting XSS vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via 1 the refresh parameter to PortfolioPublishServlet.java aka demo/portfolioPublish or Market Data Publisher, or vectors involving 2...

org.apache.activemq:apache-activemq (>=4.1.1 <=5.19.6), org.apache.axis2:axis2-integration (=1.4) +4 more potentially affected by CVE-2012-6551 via org.apache.activemq:activemq-web-demo (>=4.1.1 <=5.7.0)

org.apache.activemq:activemq-web-demo MAVEN version =4.1.1, =4.1.1, =1.2.0, =1.1.0, =1.3.0 - org.apache.camel:camel-example-spring =1.2.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 Source cves: CVE-2012-6551 Source advisory: OSV:GHSA-34FP-XVXP-RG22...

org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (>=1.2.0 <=1.3.0) +3 more potentially affected by CVE-2012-6551 via org.apache.activemq:apache-activemq (>=4.1.1 <=5.0.0)

org.apache.activemq:apache-activemq MAVEN version =4.1.1, =1.2.0, =1.1.0, =1.3.0 - org.apache.camel:camel-example-spring =1.2.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 Source cves: CVE-2012-6551 Source advisory: OSV:GHSA-34FP-XVXP-RG22...