AlmaLinux 10 : freerdp (ALSA-2026:6799)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:6799 advisory. freerdp: FreeRDP heap-use-after-free CVE-2026-22856 freerdp: FreeRDP heap-buffer-overflow CVE-2026-22854 freerdp: FreeRDP heap-buffer-overflow...

CVE-2025-6799 Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability

Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. T...

CVE-2023-6799

The WP Reset – Most Advanced WordPress Reset Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0 via the use of insufficiently random snapshot names. This makes it possible for unauthenticated attackers to extract sensitive data...

CVE-2024-6799

creationtimestamp| type| source ---|---|--- 2024-07-19 11:11:28+00:00| seen| https://t.me/cvedetector/1200...

CVE-2024-6799

CVE-2024-6799 affects YITH Essential Kit for WooCommerce #1 (WordPress) and, per connected sources, versions up to 2.34.0 are vulnerable due to a missing capability check in activate_module, deactivate_module, and install_module. This allows authenticated users with Subscriber+ privileges to inst...

WordPress YITH Essential Kit for WooCommerce #1 Plugin <= 2.34.0 is vulnerable to Broken Access Control

Software YITH Essential Kit for WooCommerce 1 Type Plugin Vulnerable versions = 2.34.0 Fixed in 2.35.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6799 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f3f670016683 Credits Lucio S...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Werkzeug vulnerability (USN-6799-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6799-1 advisory. It was discovered that the debugger in Werkzeug was not restricted to trusted hosts. A remote attacker cou...

CVE-2023-6799

creationtimestamp| type| source ---|---|--- 2024-05-14 03:25:11+00:00| seen| Telegram/d9Qhk3cAIdCLGpVUBw6TFJ7NxDjcfY3KHYDonpo3mGo5UVVP...

CVE-2019-6799

creationtimestamp| type| source ---|---|--- 2024-04-25 21:21:05+00:00| seen| https://t.me/arpsyndicate/4867...

CVE-2023-6799 WP Reset <= 2.0 - Sensitive Information Exposure due to Insufficient Randomness

The WP Reset – Most Advanced WordPress Reset Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0 via the use of insufficiently random snapshot names. This makes it possible for unauthenticated attackers to extract sensitive data...

CVE-2023-6799 WP Reset <= 2.0 - Sensitive Information Exposure due to Insufficient Randomness

The WP Reset – Most Advanced WordPress Reset Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0 via the use of insufficiently random snapshot names. This makes it possible for unauthenticated attackers to extract sensitive data...

WordPress WP Reset Plugin <= 1.99 is vulnerable to Sensitive Data Exposure

Software WP Reset Type Plugin Vulnerable versions = 1.99 Fixed in 2.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-6799 Patch priority Low CVSS severity Low 5.9 Developer WebFactory Ltd. PSID ac592e0b3e85 Credits Justin Kennedy Required privilege...

SUSE CVE-2018-6799

The AcquireCacheNexus function in magick/pixelcache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service heap overwrite or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used...

SUSE: Security Advisory (SUSE-SU-2020:14290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0383-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0384-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4639-1: phpMyAdmin vulnerabilities

It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin Configuration Storage tables. An authenticated attacker could use this vulnerability to cause phpmyAdmin to leak sensitive files. CVE-2018-19968 It was discovered that phpMyAdmin incorrectly handled user input. An...

CVE-2020-6799

Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This required Firefox to be configured as the default handler for a given file type and for a file downloaded to be opened in a third party application that...

CVE-2020-6799

CVE-2020-6799 is a vulnerability in Mozilla Firefox where command line arguments could be injected during Firefox invocation when Firefox is the default handler for non-default filetypes and a downloaded file is opened by a third‑party application that does not sanitize URL data. The issue could ...

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2020:0230-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...