EUVD-2025-6706

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2016-6706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute...

CVE-2025-6706

creationtimestamp| type| source ---|---|--- 2025-06-26 17:50:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19637 2025-06-26 18:37:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsjrhnx73f25...

CVE-2025-6706 Running certain aggregation operations with the SBE engine may lead to unexpected behavior on MongoDB Server

An authenticated user may trigger a use after free that may result in MongoDB Server crash and other unexpected behavior, even if the user does not have authorization to shut down a server. The crash is triggered on affected versions by issuing an aggregation framework operation using a specific...

CVE-2025-6706

CVE-2025-6706 affects MongoDB Server when the SBE engine is enabled. An authenticated user can trigger a use-after-free via a specific aggregation pipeline pattern, potentially crashing the server and causing other unexpected behavior without needing shutdown privileges. Affected versions are Mon...

CVE-2025-6706 Running certain aggregation operations with the SBE engine may lead to unexpected behavior on MongoDB Server

An authenticated user may trigger a use after free that may result in MongoDB Server crash and other unexpected behavior, even if the user does not have authorization to shut down a server. The crash is triggered on affected versions by issuing an aggregation framework operation using a specific...

CVE-2024-6706

creationtimestamp| type| source ---|---|--- 2024-08-08 02:11:02+00:00| seen| https://t.me/cvedetector/2737...

Open WebUI 0.1.105 Persistent Cross Site Scripting Vulnerability

Title: Open WebUI Stored Cross-Site Scripting Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-005.txt 1. Vulnerability Details Affected Vendor: Open WebUI Affected Product: Open WebUI Affected Version: 0.1.105 Platform: Debian 12 CWE Classification: CWE-79: Improper...

Open WebUI 0.1.105 Persistent Cross Site Scripting

KL-001-2024-005: Open WebUI Stored Cross-Site Scripting Title: Open WebUI Stored Cross-Site Scripting Advisory ID: KL-001-2024-005 Publication Date: 2024.08.06 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-005.txt 1. Vulnerability Details Affected Vendor: Open WebUI...

CVE-2024-6706

Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page...

CVE-2024-6706 Open WebUI Stored Cross-Site Scripting

Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page...

CVE-2024-6706 Open WebUI Stored Cross-Site Scripting

Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page...

Open WebUI Stored Cross-Site Scripting

Vulnerability Details Affected Vendor: Open WebUI Affected Product: Open WebUI Affected Version: 0.1.105 Platform: Debian 12 CWE Classification: CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' CVE ID: CVE-2024-6706 2. Vulnerability Description Attackers...

Photon OS 3.0: Lua PHSA-2019-3.0-0036

An update of the lua package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0036. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid20307...

Ubuntu: Security Advisory (USN-6706-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (openSUSE-SU-2024:0001-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (openSUSE-SU-2024:0002-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Malicious code in wlwz-2312-6706 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c459283c381f45fdbc4384df1225ee10c1db71693f61637ddb6e4aaa0b1c74a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-779 Malicious code in wlwz-2312-6706 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c459283c381f45fdbc4384df1225ee10c1db71693f61637ddb6e4aaa0b1c74a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-6706

creationtimestamp| type| source ---|---|--- 2024-01-10 10:11:39+00:00| seen| https://t.me/ctinow/165668...