104 matches found
CVE-2026-6585
A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function updateorganisation of the file superagi/controllers/organisation.py of the component Organisation Update Endpoint. This manipulation of the argument organisationid causes authorization...
CVE-2026-6585
creationtimestamp| type| source ---|---|--- 2026-04-20 04:01:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjvlh2kdxd2p...
CGA-H3X8-5HJG-6585
Bulletin has no description...
CVE-2025-6585
The WP JobHunt WordPress plugin (versions up to 7.2) is affected by an Insecure Direct Object Reference through the cs_remove_profile_callback() function due to missing validation on a user-controlled key. This allows authenticated attackers with Subscriber-level access or higher to delete accoun...
CVE-2025-6585 WP JobHunt <= 7.2 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Account Deletion
The WP JobHunt plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.2 via the csremoveprofilecallback function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level...
WordPress WP JobHunt plugin <= 7.2 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Account Deletion vulnerability
Authenticated Subscriber+ Insecure Direct Object Reference to Arbitrary Account Deletion vulnerability discovered by ixec in WordPress Plugin WP JobHunt versions = 7.2...
CVE-2023-6585
The WP JobSearch WordPress plugin before 2.3.4 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server...
CVE-2019-6585
A vulnerability has been identified in SCALANCE S602 All versions = V3.0 and = V3.0 and = V3.0 and = V3.0 and V4.1. The integrated configuration web server of the affected devices could allow Cross-Site Scripting XSS attacks if unsuspecting users are tricked into accessing a malicious link. User...
Linux Distros Unpatched Vulnerability : CVE-2014-6585
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a...
CVE-2024-6585
creationtimestamp| type| source ---|---|--- 2024-08-31 01:41:24+00:00| seen| https://t.me/cvedetector/4557...
CVE-2023-6585
creationtimestamp| type| source ---|---|--- 2024-02-27 10:26:08+00:00| seen| https://t.me/ctinow/194182 2024-02-27 10:26:28+00:00| seen| https://t.me/ctinow/194196...
CVE-2023-6585
The CVE-2023-6585 issue affects the WP JobSearch WordPress plugin prior to version 2.3.4. The vulnerability stems from inadequate validation of uploaded files, allowing unauthenticated attackers to upload arbitrary files (e.g., PHP) to the server, potentially enabling remote code execution. The i...
WordPress JobSearch Plugin < 2.3.4 is vulnerable to Remote Code Execution (RCE)
Software JobSearch Type Plugin Vulnerable versions 2.3.4 Fixed in 2.3.4 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2023-6585 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 637575b94b70 Credits Furkan Gedik Required privilege Published 27...
Ubuntu 23.10 : libssh2 vulnerability (USN-6585-1)
The remote Ubuntu 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6585-1 advisory. Fabian Bumer, Marcus Brinkmann, Jrg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept...
Siemens SCALANCE S-600 Improper Neutralization of Script-Related HTML Tags in a Web Page (CVE-2019-6585)
A vulnerability has been identified in SCALANCE S602 All versions = V3.0 and = V3.0 and = V3.0 and = V3.0 and = V3.0 and = V3.0 and = V3.0 and V4.1, SCALANCE S627-2M All version...
Oracle Linux 9 : ruby (ELSA-2022-6585)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-6585 advisory. - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 Tenable has extracted the preceding description block directly from the Oracle Linux...
RHEL 9 : ruby (RHSA-2022:6585)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6585 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
Mageia: Security Advisory (MGASA-2015-0037)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0503-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-6585
Nagios Log Server 2.1.3 has CSRF...