CVE-2026-6635 rowboatlabs rowboat tools_webhook app.py tool_call improper authentication
A security vulnerability has been detected in rowboatlabs rowboat up to 0.1.67. This impacts the function tool_call of the file apps/experimental/tools_webhook/app.py of the component tools_webhook. Such manipulation of the argument X-Tools-JWE leads to improper authentication. The attack may be...
MINI-GG3V-6635-CF54
Bulletin has no description...
Linux Distros Unpatched Vulnerability : CVE-2016-6635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Cross-site request forgery (CSRF) vulnerability in the wp_ajax_wp_compression_test function in wp-admin/includes/ajax-actions.php in WordPress before 4.5 allows remo...
CVE-2025-6635
A maliciously crafted PRT file, when linked or imported into certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-6635
CVE-2025-6635 describes an out-of-bounds read in Autodesk products triggered by parsing specially crafted PRT files. Affected software is Autodesk AutoCAD (and related products per sources). The vulnerability arises during PRT file parsing and can cause a crash, read sensitive data, or, per some ...
CVE-2019-6635
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, when the BIG-IP system is licensed for Appliance mode, a user with either the Administrator or the Resource Administrator role can bypass Appliance mode restrictions...
CVE-2024-6635
creationtimestamp | type | source
--- | --- | ---
2024-07-20 11:26:27+00:00 | seen | https://t.me/cvedetector/1249
2025-02-14 10:03:09+00:00 | seen | Telegram/QkjhCOrusEwPU1K-u5WxXEeJwfAbdQVMmnoPH-ZKJw6PTmi...
CVE-2023-6635
creationtimestamp | type | source
--- | --- | ---
2024-02-29 10:26:08+00:00 | seen | https://t.me/ctinow/196465...
Ubuntu 22.04 LTS : Linux kernel (GCP) vulnerabilities (USN-6635-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6635-1 advisory. It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading ...
WordPress Gutenberg Block Editor Toolkit Plugin <= 1.40.3 is vulnerable to Arbitrary File Upload
Software: Gutenberg Block Editor Toolkit; Type: Plugin; Vulnerable versions: <= 1.40.3; Fixed in: 1.40.4; OWASP Top 10: A1: Injection; Classification: Arbitrary File Upload; CVE: CVE-2023-6635; Patch priority: Low; CVSS severity: Low 7.2; PSID: d39ac6b70847; Credits: István Márton; Required...
CVE-2023-6635
The CVE-2023-6635 entry concerns the WordPress EditorsKit plugin. Affected component: the import_styles function. Root cause: missing file type validation allows an authenticated administrator to upload arbitrary files to the site server, potentially enabling remote code execution. Affected versi...
K11330536: BIG-IP Appliance mode vulnerability CVE-2019-6635
Security Advisory Description: When the BIG-IP system is licensed for Appliance mode, a user with either the Administrator or the Resource Administrator role can bypass Appliance mode restrictions. (CVE-2019-6635) Impact, BIG-IP: This vulnerability allows local attackers with high-level privileges to...
Mageia: Security Advisory (MGASA-2013-0383)
The remote host is missing an update for the...
CVE-2019-6635
creationtimestamp | type | source
--- | --- | ---
2019-07-04 18:00:03+00:00 | seen | https://t.me/cveNotify/186
2019-07-05 17:00:16+00:00 | seen | https://t.me/cveNotify/242...
CVE-2019-6635
CVE-2019-6635 affects BIG-IP appliances in Appliance mode. A user with Administrator or Resource Administrator role can bypass Appliance mode restrictions, enabling local attackers to overwrite arbitrary files. Impact is confined to BIG-IP hardware platforms running Appliance mode; virtual platfo...
CVE-2018-6635
Avaya Aura System Manager (SMGR) before 7.1.2 is affected. The vulnerability arises from improper use of SSL in conjunction with authentication, enabling remote attackers to bypass the intended Remote Method Invocation (RMI) restrictions (SMGR-26896). Impact is exposure of remote access controls,...
Cisco Prime Collaboration Provisioning licensestatus.jsp Arbitrary File Deletion (CVE-2017-6635)
An arbitrary file deletion exists in Cisco Prime Collaboration Provisioning. The vulnerability is due to insufficient validation on user-supplied paths before using them in file operations. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted request to the targe...
[SECURITY] [DSA 3681-1] wordpress security update
Debian Security Advisory DSA-3681-1, https://www.debian.org/security/, Yves-Alexis Perez, September 29, 2016, https://www.debian.org/security/faq...
[SECURITY] [DLA 633-1] wordpress security update
Package: wordpress
Version: 3.6.1+dfsg-1deb7u12
CVE ID: CVE-2015-8834 CVE-2016-4029 CVE-2016-5836 CVE-2016-6634 CVE-2016-6635 CVE-2016-7168 CVE-2016-7169
Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the...
CVE-2016-6635
Cross-site request forgery (CSRF) vulnerability in the wp_ajax_wp_compression_test function in wp-admin/includes/ajax-actions.php in WordPress before 4.5 allows remote attackers to hijack the authentication of administrators for requests that change the script compression option...