57 matches found
CVE-2025-6640
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-6640 PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-6640
PDF-XChange Editor is affected by a Use-After-Free in U3D file parsing that can lead to remote code execution. The flaw arises from not validating the existence of an object before operating on it, enabling code execution in the current process when a user opens a malicious file or visits a malic...
CVE-2020-6640
An improper neutralization of input vulnerability in the Admin Profile of FortiAnalyzer may allow a remote authenticated attacker to perform a stored cross-site scripting (XSS) attack via the Description Area...
CVE-2012-6640
Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted SVG image attachment, a different vulnerability than CVE-2012-5565...
CVE-2019-6640
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, SNMP exposes sensitive configuration objects over insecure transmission channels. This issue is exposed when a passphrase is inserted into various profile types and accessed using SNMPv...
CVE-2024-6640
CVE-2024-6640 concerns FreeBSD pf: In ICMPv6 Neighbor Discovery, the ND state ID is always 0. When pf is configured to allow ND but block incoming Echo Requests, a crafted Echo Request after a Neighbor Solicitation from the same host with identifier 0 can trigger an Echo Reply, causing ICMPv6 pac...
CVE-2024-6640 pf incorrectly matches different ICMPv6 states in the state table
In ICMPv6 Neighbor Discovery (ND), the ID is always 0. When pf is configured to allow ND and block incoming Echo Requests, a crafted Echo Request packet after a Neighbor Solicitation (NS) can trigger an Echo Reply. The packet has to come from the same host as the NS and have a zero as identifier to...
CVE-2023-6640
creationtimestamp | type | source
---|---|---
2024-02-21 21:31:51+00:00 | seen | https://t.me/ctinow/190087
2024-02-21 21:36:33+00:00 | seen | https://t.me/ctinow/190097
2024-02-22 19:50:05+00:00 | seen | https://t.me/arpsyndicate/4022...
CVE-2023-6640
Malformed S2 Nonce Get Command Class packets can be sent to crash PC Controller v5.54.0 and earlier...
CVE-2023-6640 Silicon Labs PC Controller v5.54.0 and Earlier Denial of Service Vulnerability
Malformed S2 Nonce Get Command Class packets can be sent to crash PC Controller v5.54.0 and earlier...
CVE-2023-6640
CVE-2023-6640 involves Silicon Labs PC Controller (v5.54.0 and earlier). The vulnerability stems from malformed S2 Nonce Get Command Class packets that can crash the PC Controller, yielding a Denial of Service in affected versions. The NVD entry lists a CVSSv3.1 base score of 6.5 (Attack Vector: ...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : shadow vulnerability (USN-6640-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6640-1 advisory. It was discovered that shadow was not properly sanitizing memory when running the password utility. An...
K40443301: SNMP vulnerability CVE-2019-6640
Security Advisory Description: SNMP exposes sensitive configuration objects over insecure transmission channels. This issue is exposed when a passphrase is inserted into various profile types and accessed using SNMPv2. (CVE-2019-6640) Impact: An attacker with direct SNMP access to a BIG-IP system, or...
SUSE CVE-2012-6640
Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted SVG image attachment, a different vulnerability than CVE-2012-5565...
Mageia: Security Advisory (MGASA-2013-0383)
The remote host is missing an update for the...
CVE-2020-6640
CVE-2020-6640 describes a stored cross-site scripting (XSS) vulnerability in the Fortinet FortiAnalyzer Admin Profile, enabling a remote, authenticated attacker to execute client-side scripts via the Description Area. The issue affects the Admin Profile input handling and arises from improper inp...