MINI-QV8M-5XWW-6693

Bulletin has no description...

MiracleLinux 9 : qemu-kvm-9.0.0-10.el9_5.3 (AXSA:2025-9924:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9924:02 advisory. QEMU: virtio-net: stack buffer overflow in virtionetflushtx CVE-2023-6693 qemu-kvm: net: assertion failure in updatesctpchecksum CVE-2024-3567 Tenab...

CVE-2025-6693

A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sysdeviceopen/sysdeviceread/sysdevicecontrol/sysdeviceinit/sysdeviceclose/sysdevicewrite of the file components/drivers/core/device.c. The manipulation leads to memory corruption. It i...

CVE-2025-6693 RT-Thread device.c sys_device_write memory corruption

A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sysdeviceopen/sysdeviceread/sysdevicecontrol/sysdeviceinit/sysdeviceclose/sysdevicewrite of the file components/drivers/core/device.c. The manipulation leads to memory corruption. It i...

CVE-2025-6693

CVE-2025-6693 affects RT-Thread up to 5.1.0. The vulnerability targets the file components/drivers/core/device.c, specifically the functions sys_device_open, sys_device_read, sys_device_control, sys_device_init, sys_device_close, and sys_device_write, causing memory corruption and enabling a loca...

WordPress WP Content Copy Protection & No Right Click (premium) plugin <= 15.0 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin WP Content Copy Protection & No Right Click premium versions = 15.0...

CVE-2024-6693

The wccp-pro WordPress plugin before 15.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-6693 WP Content Copy Protection & No Right Click (premium) <= 15.0 - Admin+ Stored XSS

The wccp-pro WordPress plugin before 15.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-6693 WP Content Copy Protection & No Right Click (premium) <= 15.0 - Admin+ Stored XSS

The wccp-pro WordPress plugin before 15.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

RHEL 9 : qemu-kvm (RHSA-2025:4492)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4492 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide th...

[SECURITY] [DLA 4144-1] qemu security update

Debian LTS Advisory DLA-4144-1 [email protected] https://www.debian.org/lts/security/ Santiago Ruano Rincón April 30, 2025 https://wiki.debian.org/LTS Package : qemu Version : 1:5.2+dfsg-11+deb11u4 CVE ID : CVE-2023-1544 CVE-2023-3019 CVE-2023-5088 CVE-2023-6693 CVE-2024-3447 Debian Bug...

Azure Linux 3.0 Security Update: qemu (CVE-2023-6693)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6693 advisory. - A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in...

CVE-2023-6693 affecting package qemu for versions less than 8.2.0-13

CVE-2023-6693 affecting package qemu for versions less than 8.2.0-13. A patched version of the package is available...

CBL Mariner 2.0 Security Update: qemu (CVE-2023-6693)

The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6693 advisory. - A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in...

CVE-2023-6693 affecting package qemu for versions less than 6.2.0-21

CVE-2023-6693 affecting package qemu for versions less than 6.2.0-21. A patched version of the package is available...

Linux Distros Unpatched Vulnerability : CVE-2023-6693

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtionetflushtx function if guest features...

Mageia: Security Advisory (MGASA-2024-0387)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fortinet Fortigate Hardcoded symmetric key in fips.c (FG-IR-19-007)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-19-007 advisory. - Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an...

Oracle Linux 8 : virt:kvm_utils3 (ELSA-2024-12792)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12792 advisory. - Fix CVE-2024-7383 NBD server improper certificate validation resolves: RHEL-52728 - Fix CVE-2022-0485: Fail nbdcopy if NBD read or write fails resolves:...

SUSE: Security Advisory (SUSE-SU-2024:3229-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...