CVE-2019-6684

On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing vCMP may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can levera...

Adobe Reader < 2015.006.30094 / 2015.009.20069 Multiple Vulnerabilities (APSB15-24) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30094 or 2015.009.20069. It is, therefore, affected by multiple vulnerabilities. - The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and...

Oracle Linux 8 : thunderbird (ELSA-2024-6684)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-6684 advisory. 128.2.0-1.0.2 - Fix prefs for new nss Orabug: 37079820 128.2.0-1.0.1 - Add Oracle prefs file 128.2.0 - Add OpenELA debranding 128.2.0-1 - Update to...

RHEL 8 : thunderbird (RHSA-2024:6684)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:6684 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: 115.15/128.2 mozilla: Type confusion when lookin...

Rocky Linux 8 : thunderbird (RLSA-2024:6684)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:6684 advisory. thunderbird: 115.15/128.2 mozilla: Type confusion when looking up a property name in a with block CVE-2024-8381 mozilla: Internal event interfaces were...

CVE-2024-6684

Authentication Bypass Using an Alternate Path or Channel vulnerability in GST Electronics inohom Nova Panel N7 allows Authentication Bypass. This issue affects inohom Nova Panel N7: through 1.9.9.6. NOTE: The vendor was contacted and it was learned that the product is not supported...

CVE-2024-6684 Authentication Bypass in GST Electronics' inohom Nova Panel N7

Authentication Bypass Using an Alternate Path or Channel vulnerability in GST Electronics inohom Nova Panel N7 allows Authentication Bypass. This issue affects inohom Nova Panel N7: through 1.9.9.6. NOTE: The vendor was contacted and it was learned that the product is not supported...

CVE-2024-6684 Authentication Bypass in GST Electronics' inohom Nova Panel N7

Authentication Bypass Using an Alternate Path or Channel vulnerability in GST Electronics inohom Nova Panel N7 allows Authentication Bypass. This issue affects inohom Nova Panel N7: through 1.9.9.6. NOTE: The vendor was contacted and it was learned that the product is not supported...

CVE-2019-6684

creationtimestamp| type| source ---|---|--- 2024-03-16 16:21:53+00:00| seen| https://t.me/ctinow/209600...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : ncurses vulnerability (USN-6684-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6684-1 advisory. It was discovered that ncurses incorrectly handled certain function return values, possibly leading to segmentation fault. A local attacke...

Ubuntu: Security Advisory (USN-6684-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-6684

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ive' shortcode in versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on 'width' and 'height' user supplied attribute. This makes it possib...

CVE-2023-6684

CVE-2023-6684 affects the Ibtana – WordPress Website Builder plugin for WordPress (IVE shortcode). Reported vulnerability: Stored XSS via width/height attributes in the ive shortcode, due to insufficient input sanitization and output escaping. Affected versions: up to 1.2.2. Attack requires authe...

K95117754: TMM vulnerability CVE-2019-6684

Security Advisory Description Under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing vCMP may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can leverage the fragmented broadcast IP packets to perform any type of...

SUSE CVE-2015-6684

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via...

CVE-2020-6684

CVE-2020-6684 is rejected/not used and does not represent an active vulnerability entry.

F5 Networks BIG-IP : TMM vulnerability (K95117754)

Under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing vCMP may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can leverage the fragmented broadcast IP packets to perform any type of fragmentation-based attack...

CVE-2019-6684

On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing vCMP may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can levera...

CVE-2019-6684

CVE-2019-6684 affects F5 BIG-IP TMM on multi-blade vCMP environments. The vulnerability arises when fragmented broadcast IP packets are rebroadcast to vCMP guest secondary blades, potentially allowing fragmentation-based attacks and, in some disclosures, remote triggering to cause TMM restart. Af...

CVE-2017-6684

Cisco Elastic Services Controller (ESC) contains an insecure default credentials vulnerability. An authenticated attacker could log in as the Linux admin user due to a default, weak, hard-coded password. Affected release: 21.0.0. The Cisco advisory notes there are no workarounds; it does not spec...