MINI-938W-GJ77-6639

Bulletin has no description...

CVE-2025-6639

creationtimestamp| type| source ---|---|--- 2025-10-25 07:30:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m3yumj6uyy2i...

WordPress Tutor LMS Pro plugin <= 3.8.3 - Authenticated (Subscriber+) Insecure Direct Object Reference to View/Edit Other Assignments vulnerability

Authenticated Subscriber+ Insecure Direct Object Reference to View/Edit Other Assignments vulnerability discovered by sergioframi in WordPress Plugin Tutor LMS Pro versions = 3.8.3...

CVE-2019-6639

On BIG-IP AFM, PEM 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, an undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting XSS issue. This is a control plane issue only and is not...

CVE-2006-6639

Multiple unspecified vulnerabilities in chetcpasswd 2.4.1 allow local users to gain privileges via unspecified vectors related to executing 1 the cp program, 2 the mail program, or 3 the program specified in the postchange configuration line...

CVE-2024-6639

creationtimestamp| type| source ---|---|--- 2024-08-12 16:46:47+00:00| seen| https://t.me/cvedetector/2841...

CVE-2024-6639 MDx <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via mdx_list_item Shortcode

The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdxlistitem' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...

CVE-2024-6639 MDx <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via mdx_list_item Shortcode

The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdxlistitem' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...

CVE-2012-6639

creationtimestamp| type| source ---|---|--- 2024-02-27 08:16:58+00:00| seen| https://t.me/ctinow/194075...

Ubuntu: Security Advisory (USN-6639-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6639-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6639-1 advisory. It was discovered that a race condition existed in the ATM Asynchronous Transfer Mode subsystem of the Linux kernel, leading to a use-after-free...

CVE-2015-6639

creationtimestamp| type| source ---|---|--- 2023-12-12 11:47:09+00:00| seen| https://t.me/arpsyndicate/1804...

Mageia: Security Advisory (MGASA-2013-0383)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2012-6639

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data...

CVE-2012-6639

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data...

CVE-2012-6639

CVE-2012-6639 describes a privilege-elevation vulnerability in Cloud-init prior to 0.7.0. The issue occurs when requests to an untrusted system are made for EC2 instance data, allowing an attacker with network access to leverage low-privileged execution to gain higher privileges. The available co...

F5 Networks BIG-IP : BIG-IP AFM and PEM TMUI XSS vulnerability (K61002104)

Undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting XSS issue. This is a control plane issue only and is not accessible from the data plane. The attack requires a malicious resource administrator to store the XSS. CVE-2019-6639 Impact A...

Denial Of Service (DoS)

V8 is Google's open source JavaScript engine. It was discovered that V8 did not properly check the stack size limit in certain cases. A remote attacker able to send a request that caused a script executed by V8 to use deep recursion could trigger a stack overflow, leading to a crash of an...

CVE-2018-6639

An out-of-bounds write Remote Code Execution issue was discovered in Design Science MathType 6.9c. A size used by memmove is read from the input file. This is fixed in 6.9d...

CVE-2018-6639

CVE-2018-6639: Design Science MathType 6.9c contains an out-of-bounds write that reads a size for memmove from the input file, enabling remote code execution. Affects MathType 6.9c; fixed in 6.9d. Evidence from multiple sources confirms the flaw and the exact fix version; no exploitation details ...