
41 matches found

Circl
added 2026/05/14 9:21 a.m. | 23 views

CVE-2026-6670

creationtimestamp | type | source
---|---|---
2026-05-14 09:21:54+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mlsikcrxvo2k...

6.5 CVSS | 5.8 AI score | 0.00526 EPSS
Exploits 0 | References 1
Tenable Nessus
added 2026/01/20 12:0 a.m. | 6 views

MiracleLinux 9 : flatpak-1.12.8-1.el9 (AXSA:2023-6670:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6670:03 advisory. flatpak: TIOCLINUX can send commands outside sandbox if running on a virtual console CVE-2023-28100 flatpak: Metadata with ANSI control codes can...

10 CVSS | 5.7 AI score | 0.00887 EPSS
Exploits 0 | References 3
Circl
added 2025/11/18 12:49 p.m. | 4 views

CVE-2025-6670

creationtimestamp | type | source
---|---|---
2025-11-18 12:49:10+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m5vrlxlhx72k...

8.8 CVSS | 5.8 AI score | 0.0019 EPSS
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 8:46 a.m. | 9 views

CVE-2019-6670

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem...

4.4 CVSS | 7 AI score | 0.00207 EPSS
Exploits 0 | References 1
Metasploit
added 2024/09/27 6:53 p.m. | 325 views

WhatsUp Gold SQL Injection (CVE-2024-6670)

This module exploits a SQL injection vulnerability in WhatsUp Gold, by changing the password of an existing user such as of the default admin account to an attacker-controlled one. WhatsUp Gold versions use auxiliary/admin/http/whatsupgoldsqli msf auxiliarywhatsupgoldsqli show actions ...actions...

9.8 CVSS | 7.5 AI score | 0.94661 EPSS
Exploits 2
Tenable Nessus
added 2024/09/17 12:0 a.m. | 20 views

Oracle Linux 8 : pcs (ELSA-2024-6670)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6670 advisory. 0.10.18-2.0.1.el810.2 - Replace HAM-logo.png with a generic one 0.10.18-2.el810.2 - Updated rubygem rexml Resolves: RHEL-52409, RHEL-52788, RHEL-55997...

7.5 CVSS | 7.1 AI score | 0.01283 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2024/09/16 12:0 a.m. | 17 views

Rocky Linux 8 : pcs (RLSA-2024:6670)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:6670 advisory. rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, and CVE-2024-41123 rexml: DoS vulnerability ...

7.5 CVSS | 7 AI score | 0.01283 EPSS
Exploits 0 | References 6
Tenable Nessus
added 2024/09/16 12:0 a.m. | 27 views

RHEL 8 : pcs (RHSA-2024:6670)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6670 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rexml: rubygem-rexml:...

7.5 CVSS | 7.1 AI score | 0.01283 EPSS
Exploits 0 | References 9
The Hacker News
added 2024/09/13 11:4 a.m. | 43 views

Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw

Malicious actors are likely leveraging publicly available proof-of-concept PoC exploits for recently disclosed security flaws in Progress Software WhatsUp Gold to conduct opportunistic attacks. The activity is said to have commenced on August 30, 2024, a mere five hours after a PoC was released f...

10 CVSS | 8.2 AI score | 0.99984 EPSS
Exploits 34
Trend Micro Simply Security
added 2024/09/12 12:0 a.m. | 27 views

Protecting Against RCE Attacks Abusing WhatsUp Gold Vulnerabilities

In this blog entry, we provide an analysis of the recent remote code execution attacks related to Progress Software’s WhatsUp Gold that possibly abused the vulnerabilities CVE-2024-6670 and CVE-2024-6671...

9.8 CVSS | 8.4 AI score | 0.94661 EPSS
Exploits 2
VulnCheck KEV
added 2024/09/12 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2024-6670

Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured with only a single user...

9.8 CVSS | 5.9 AI score | 0.94661 EPSS
Exploits 2 | References 1
GithubExploit
added 2024/08/30 5:13 p.m. | 851 views

Exploit for SQL Injection in Progress Whatsup_Gold

CVE-2024-6670 PoC for Progress Software WhatsUp Gold HasErrors...

9.8 CVSS | 10 AI score | 0.94661 EPSS
Exploits 2
Vulnrichment
added 2024/08/29 10:4 p.m. | 29 views

CVE-2024-6670 WhatsUp Gold HasErrors SQL Injection Authentication Bypass Vulnerability

In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the user's encrypted password...

9.8 CVSS | 8.1 AI score | 0.94661 EPSS
Exploits 2 | References 2
CVE
added 2024/08/29 10:4 p.m. | 232 views

CVE-2024-6670

Summary (CVE-2024-6670): Progress WhatsUp Gold prior to version 24.0.0 contains a SQL Injection vulnerability that can allow an unauthenticated attacker to retrieve a user’s encrypted password. Public references confirm exploitation guidance (e.g., Metasploit module) and acknowledgments by CISA K...

9.8 CVSS | 9.8 AI score | 0.94661 EPSS
In wild | Exploits 2 | References 3 | Affected Software 1
Circl
added 2024/08/24 9:50 a.m. | 57 views

CVE-2024-6670

creationtimestamp | type | source
---|---|---
2024-08-24 09:50:28+00:00 | published-proof-of-concept | https://t.me/HackingInsights/11136
2024-08-30 01:25:57+00:00 | seen | https://t.me/cvedetector/4481
2024-08-30 20:28:51+00:00 | published-proof-of-concept | https://t.me/proxybar/2254

2024-08-30...

9.8 CVSS | 7.5 AI score | 0.94661 EPSS
In wild | Exploits 2 | References 36
Circl
added 2024/03/05 8:8 a.m. | 6 views

CVE-2019-6670

creationtimestamp | type | source
---|---|---
2024-03-05 08:08:39+00:00 | seen | https://t.me/ctinow/199989...

4.4 CVSS | 4.6 AI score | 0.00207 EPSS
Exploits 0 | References 1
OpenVAS
added 2023/12/28 12:0 a.m. | 5 views

Moodle 4.2.x < 4.2.4, 4.3.x < 4.3.1 Multiple Vulnerabilities

Moodle is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle"; ifdescription...

7.2 AI score
Exploits 0 | References 3
Tenable Nessus
added 2023/11/30 12:0 a.m. | 8 views

Trellix Enterprise Security Manager < 11.6.8 SSRF

The version of Trellix Enterprise Security Manager running on the remote web server is prior to 11.6.8. It is, therefore, affected by a server-side request forgery SSRF vulnerability. Due to a flaw in the certificate validation functionality, a remote, authenticated attacker can upload arbitrary...

5.8 AI score
Exploits 0 | References 2
F5 Networks
added 2023/02/21 6:46 p.m. | 29 views

K05765031: vCMP vulnerability CVE-2019-6670

Security Advisory Description vCMP hypervisors incorrectly expose the plaintext unit key for their vCMP guests on the file system. CVE-2019-6670 Impact An attacker may use this vulnerability to extract the master key of vCMP guests. Security Advisory Status F5 Product Development has assigned ID...

4.4 CVSS | 4.9 AI score | 0.00207 EPSS
Exploits 0 | Affected Software 11
Cvelist
added 2021/01/12 8:2 p.m. | 13 views

CVE-2020-6670

...

Exploits 0