32 matches found
CVE-2026-6813
creationtimestamp | type | source
---|---|---
2026-05-12 11:42:39+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mlnpi57c3y2t
2026-05-13 00:33:06+00:00 | seen | https://bsky.app/profile/atomicedge.bsky.social/post/3mlp2jsnit52s...
CVE-2025-6813
creationtimestamp | type | source
---|---|---
2025-07-18 06:30:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lu7t3whstd2w...
CVE-2025-6813 aapanel WP Toolkit 1.0 - 1.1 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via auto_login() Function
The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks within the autologin function in versions 1.0 to 1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to bypass all role checks and gai...
CVE-2025-6813
CVE-2025-6813 affects the WordPress plugin aapanel WP Toolkit (versions 1.0–1.1). The root cause is missing authorization checks in the auto_login() function, enabling authenticated users with Subscriber-level access and above to bypass role checks and gain full admin privileges. The CVE is curre...
CVE-2019-6813
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module all firmware versions and Modicon M340 controller all firmware versions, which could cause denial of service when truncated SNMP packets on port 161/UDP are received by...
Linux Distros Unpatched Vulnerability : CVE-2020-6813
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary...
CVE-2024-6813
creationtimestamp | type | source
---|---|---
2024-08-21 19:05:14+00:00 | seen | https://t.me/cvedetector/3787...
CVE-2024-6813
NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this...
CVE-2023-6813
creationtimestamp | type | source
---|---|---
2024-07-10 10:54:54+00:00 | seen | https://t.me/cvedetector/533...
CVE-2023-6813 Login by Auth0 <= 4.6.0 - Reflected Cross-Site Scripting via wle
The Login by Auth0 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘wle’ parameter in all versions up to, and including, 4.6.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
WordPress Login by Auth0 Plugin <= 4.6.0 is vulnerable to Cross Site Scripting (XSS)
Software: Login by Auth0. Type: Plugin. Vulnerable versions: <= 4.6.0. Fixed in: 4.6.1. OWASP Top 10: A7: Cross-Site Scripting (XSS). Classification: Cross Site Scripting (XSS). CVE: CVE-2023-6813. Patch priority: Medium. CVSS severity: Medium (7.1). PSID: 700ddc0d68f5. Credits: Krzysztof Zając...
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : OpenJDK 21 vulnerabilities (USN-6813-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6813-1 advisory. It was discovered that the Hotspot component of OpenJDK 21 incorrectly handled certain exceptions with specially crafted long message...
CVE-2020-6813
When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy. This vulnerability affects Firefox 74...
CVE-2020-6813
CVE-2020-6813 affects Firefox prior to 74, where protecting CSS blocks with the Content Security Policy nonce could be bypassed via an @import in a CSS block, allowing style injection and bypass of CSP intent. The IBM bulletin for IBM Cloud App Management documents this exact CVE and notes the vu...
Mozilla Firefox Security Advisories (MFSA2020-08, MFSA2020-09) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:mozilla:firefox";...
USN-4299-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the URL or other browser chrome, obtain sensitive information, bypass Content Security Policy CSP...
Schneider Electric Modicon Ethernet Serial RTU
1. EXECUTIVE SUMMARY
CVSS v3 8.6
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Schneider Electric
Equipment: Modicon BMXNOR0200H
Vulnerabilities: Improper Check for Unusual or Exceptional Conditions, Improper Access Control
2. RISK EVALUATION
Successful exploitation of these...
CVE-2019-6813
The CVE-2019-6813 vulnerability affects Schneider Electric BMXNOR0200H Ethernet/Serial RTU modules and Modicon M340 controllers (all firmware versions). It is a CWE-754 improper check for unusual or exceptional conditions that could cause a denial of service when truncated SNMP packets are receiv...