56 matches found

Circl
added 2026/04/20 11:53 a.m. · 0 views

CVE-2026-6619

creationtimestamp | type | source
---|---|---
2026-04-20 11:53:49+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mjwfttkvi72k...

CVSS 5.1 · AI score 5.7 · EPSS 0.00034
Exploits: 0 · References: 1

Cvelist
added 2026/04/20 8:0 a.m. · 27 views

CVE-2026-6619 langgenius dify ImagePreview image-preview.tsx openInNewTab cross site scripting

A vulnerability has been found in langgenius dify up to 1.13.3. Impacted is the function openInNewTab of the file web/app/components/base/image-uploader/image-preview.tsx of the component ImagePreview. The manipulation of the argument filename leads to cross site scripting. The attack may be...

CVSS 5.1 · EPSS 0.00034
Exploits: 0 · References: 4

CVE
added 2026/04/20 8:0 a.m. · 4 views

CVE-2026-6619

The CVE affects langgenius dify up to version 1.13.3, specifically the ImagePreview component’s openInNewTab in web/app/components/base/image-uploader/image-preview.tsx. The vulnerability arises from manipulating the filename argument, enabling cross-site scripting. Impact is described as remote ...

CVSS 5.1 · AI score 3.9 · EPSS 0.00034
Exploits: 0 · References: 4

CNNVD
added 2025/11/13 12:0 a.m. · 1 view

TOTOLINK LR1200GB Security Vulnerability

TOTOLINK LR1200GB is a wireless dual-band 4G LTE router from China's Gion Electronics TOTOLINK. A security vulnerability exists in ToToLink LR1200GB version V9.1.0u.6619B20230130 and NR1800X version V9.1.0u.6681B20230703, which stems from improper handling of the lang parameter in the cstecgi.cgi...

CVSS 6.5 · AI score 7 · EPSS 0.00289
Exploits: 1 · References: 4

RedhatCVE
added 2025/06/27 6:18 p.m. · 5 views

CVE-2025-6619

A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. Affected by this vulnerability is the function setUpgradeFW of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit...

CVSS 9.8 · AI score 7.8 · EPSS 0.06195
Exploits: 1 · References: 1

Cvelist
added 2025/06/25 5:31 p.m. · 7 views

CVE-2025-6619 TOTOLINK CA300-PoE upgrade.so setUpgradeFW os command injection

A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. Affected by this vulnerability is the function setUpgradeFW of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit...

CVSS 6.5 · EPSS 0.06195
Exploits: 1 · References: 6

Vulnrichment
added 2025/06/25 5:31 p.m. · 3 views

CVE-2025-6619 TOTOLINK CA300-PoE upgrade.so setUpgradeFW os command injection

A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. Affected by this vulnerability is the function setUpgradeFW of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit...

CVSS 6.5 · AI score 7.7 · EPSS 0.06195
Exploits: 1 · References: 6

CVE
added 2025/06/25 5:31 p.m. · 20 views

CVE-2025-6619

CVE-2025-6619 applies to TOTOLINK CA300-PoE firmware 6.2c.884. The vulnerability is in the upgrade.so module, in the setUpgradeFW function, where improper handling of the FileName argument enables OS command injection. Exploitation is possible remotely, and multiple sources describe public discl...

CVSS 9.8 · AI score 7.7 · EPSS 0.06195
Exploits: 1 · References: 6 · Affected Software: 1

RedhatCVE
added 2025/05/22 3:41 p.m. · 3 views

CVE-2020-6619

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek...

CVSS 8.8 · AI score 6.9 · EPSS 0.00452
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/22 8:50 a.m. · 7 views

CVE-2019-6619

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, the Traffic Management Microkernel (TMM) may restart when a virtual server has an HTTP/2 profile with Application Layer Protocol Negotiation (ALPN) enabled and it processes traffic where the ALPN extension size is zero...

CVSS 7.5 · AI score 6.9 · EPSS 0.00743
Exploits: 0 · References: 1

Tenable Nessus
added 2024/11/04 12:0 a.m. · 7 views

RHEL 6 : mongodb (RHSA-2014:0230)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0230 advisory. MongoDB is a NoSQL database. A buffer over-read flaw was found in the way MongoDB handled BSON data. A database user permitted to insert BSON data in...

CVSS 6.4 · AI score 7 · EPSS 0.01265
Exploits: 1 · References: 5

NVD
added 2024/08/13 5:15 p.m. · 6 views

CVE-2024-6619

In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...

CVSS 8.5 · EPSS 0.0011
Exploits: 0 · References: 1

Vulnrichment
added 2024/08/13 4:41 p.m. · 9 views

CVE-2024-6619 Incorrect Permission Assignment for Critical Resource in Ocean Data Systems Dream Report

In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...

CVSS 8.5 · AI score 6.9 · EPSS 0.0011
Exploits: 0 · References: 1

Cvelist
added 2024/08/13 4:41 p.m. · 13 views

CVE-2024-6619 Incorrect Permission Assignment for Critical Resource in Ocean Data Systems Dream Report

In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...

CVSS 8.5 · EPSS 0.0011
Exploits: 0 · References: 1

OpenVAS
added 2024/02/01 12:0 a.m. · 22 views

Ubuntu: Security Advisory (USN-6619-1)

The remote host is missing an update for the...

CVSS 8.6 · AI score 7.2 · EPSS 0.05076
Exploits: 18 · References: 2

Positive Technologies
added 2024/01/16 12:0 a.m. · 2 views

PT-2024-1252 · Totolink · Totolink Lr1200Gb

Name of the Vulnerable Software and Affected Versions: Totolink LR1200GB version 9.1.0u.6619 B20230130

Description: A critical issue affects the setParentalRules function of the /cgi-bin/cstecgi.cgi file, where manipulation of the sTime argument leads to a stack-based buffer overflow. This can be...

CVSS 10 · AI score 9.2 · EPSS 0.00433
Exploits: 0 · References: 8

Positive Technologies
added 2024/01/07 12:0 a.m. · 2 views

PT-2024-1167 · Totolink · Totolink Lr1200Gb

Name of the Vulnerable Software and Affected Versions: Totolink LR1200GB version 9.1.0u.6619 B20230130

Description: A critical issue was found in the function setWanCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostName leads to os command injection. It is possible to...

CVSS 10 · AI score 7.8 · EPSS 0.02071
Exploits: 1 · References: 9

Positive Technologies
added 2024/01/07 12:0 a.m. · 2 views

PT-2024-1057 · Totolink · Totolink Lr1200Gb

Name of the Vulnerable Software and Affected Versions: Totolink LR1200GB version 9.1.0u.6619 B20230130

Description: A critical issue exists due to the lack of neutralization of special elements in the setUssd function of the /cgi-bin/cstecgi.cgi file. This allows a remote attacker to execute...

CVSS 10 · AI score 7.9 · EPSS 0.02071
Exploits: 1 · References: 9

Positive Technologies
added 2024/01/07 12:0 a.m. · 3 views

PT-2024-1060 · Totolink · Totolink Lr1200Gb

Name of the Vulnerable Software and Affected Versions: Totolink LR1200GB version 9.1.0u.6619 B20230130

Description: A critical vulnerability exists in the setOpModeCfg function of the /cgi-bin/cstecgi.cgi file due to the lack of neutralization of special elements. This allows a remote attacker to...

CVSS 10 · AI score 7.2 · EPSS 0.01513
Exploits: 1 · References: 8

Circl
added 2023/12/31 1:16 p.m. · 1 view

CVE-2023-6619

creationtimestamp | type | source
---|---|---
2023-12-31 13:16:50+00:00 | seen | https://t.me/ctinow/161075...

CVSS 9.8 · AI score 6.2 · EPSS 0.00053
Exploits: 1 · References: 1