CVE-2026-6751

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Uninitialized memory in the Audio/Video: Web Codecs component...

CVE-2026-6751

creationtimestamp| type| source ---|---|--- 2026-04-21 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260422 2026-04-21 21:25:58+00:00| seen| Telegram/zqh64O-3jGBNpD02e4IDQ2Ua8XH6cA6PRqW3q0FpcVLnRBs 2026-04-22 02:01:20+00:00| seen|...

CVE-2026-6751

Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

Mozilla Thunderbird < 150.0

The version of Thunderbird installed on the remote Windows host is prior to 150.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-33 advisory. - Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component. This vulnerability was fix...

CVE-2025-6751

A vulnerability, which was classified as critical, was found in Linksys E8450 up to 1.2.00.360516. This affects the function setdevicelanguage of the file portal.cgi of the component HTTP POST Request Handler. The manipulation of the argument dutlanguage leads to buffer overflow. It is possible t...

CVE-2025-6751 Linksys E8450 HTTP POST Request portal.cgi set_device_language buffer overflow

A vulnerability, which was classified as critical, was found in Linksys E8450 up to 1.2.00.360516. This affects the function setdevicelanguage of the file portal.cgi of the component HTTP POST Request Handler. The manipulation of the argument dutlanguage leads to buffer overflow. It is possible t...

CVE-2023-6751

The Hostinger plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the function publishwebsite in all versions up to, and including, 1.9.7. This makes it possible for unauthenticated attackers to enable and disable maintenance mode...

CVE-2019-6751

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Studio Photo 3.6.6.779. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2024-6751

creationtimestamp| type| source ---|---|--- 2024-07-24 05:46:47+00:00| seen| https://t.me/cvedetector/1537...

CVE-2024-6751 Social Auto Poster <= 5.3.14 - Cross-Site Request Forgery via Multiple Functions

The Social Auto Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.3.14. This is due to missing or incorrect nonce validation on multiple functions. This makes it possible for unauthenticated attackers to add, modify, or delete post meta an...

WordPress Social Auto Poster Plugin <= 5.3.14 is vulnerable to Cross Site Request Forgery (CSRF)

Software Social Auto Poster Type Plugin Vulnerable versions = 5.3.14 Fixed in 5.3.15 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6751 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 88dfd0390d2d Credits István Márton...

Ubuntu: Security Advisory (USN-6751-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-6751

The Hostinger plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the function publishwebsite in all versions up to, and including, 1.9.7. This makes it possible for unauthenticated attackers to enable and disable maintenance mode...

CVE-2023-6751 Hostinger <= 1.9.7 - Missing Authorization to Maintenance Mode Activation

The Hostinger plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the function publishwebsite in all versions up to, and including, 1.9.7. This makes it possible for unauthenticated attackers to enable and disable maintenance mode...

CVE-2023-6751

The CVE-2023-6751 vulnerability affects the Hostinger WordPress plugin and allows unauthenticated attackers to update plugin settings by exploiting a missing capability check in publish_website. Affected versions are all up to and including 1.9.7; impact includes enabling/disabling maintenance mo...

WordPress Hostinger Plugin <= 1.9.7 is vulnerable to Broken Access Control

Software Hostinger Type Plugin Vulnerable versions = 1.9.7 Fixed in 1.9.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-6751 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID 4fa08c339ad7 Credits Lucio Sá Required privilege...

Foxit Studio Photo < 3.6.6.909 Multiple Vulnerabilities

According to its self-reported version, the Foxit Studio Photo application installed on the remote Windows host is affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid133853; scriptversion"1.2";...

Foxit Software Foxit Studio Photo <= 3.6.6.779 Multiple Vulnerabilities

Foxit Studio Photo is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2019-6751

CVE-2019-6751 affects Foxit Studio Photo 3.6.6.779 and earlier. The root cause is improper validation of user-supplied data in JPG handling, causing a write past the end of an allocated structure and enabling code execution in the current process when a user opens a malicious file or visits a cra...

CVE-2017-6751

Cisco Web Security Appliance (WSA) is affected (virtual and hardware). The issue is a web proxy bypass where traffic forwarded from the web proxy interface to the administrative management interface is not denied, enabling an unauthenticated remote attacker to reach the admin interface (Access Co...