MINI-6859-F4G4-V3RC
Bulletin has no description...
instructlab-sdg (>=0.0.1 <=0.0.1rc4) potentially affected by CVE-2026-6859 via instructlab (=0.17.2)
instructlab PyPI version =0.17.2 is affected by a known vulnerability. The following packages have a transitive dependency on instructlab and may be impacted: instructlab-sdg =0.0.1, =0.0.1rc4. Source CVEs: CVE-2026-6859. Source advisory: SNYK:PYTHON-INSTRUCTLAB-16323407...
CVE-2026-6859
creationtimestamp | type | source
--- | --- | ---
2026-04-22 14:03:07+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/116448728591423410
2026-04-22 14:14:06+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mk3omhcshf2e
2026-04-22 15:17:58+00:00 | published-proof-of-concept | ...
MiracleLinux 8 : thunderbird-115.6.0-1.el8_9.ML.1 (AXSA:2024-7381:03)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7381:03 advisory. Mozilla: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver (CVE-2023-6856). Mozilla: Memory safety bugs fixed in...
MiracleLinux 9 : opensc-0.23.0-2.el9 (AXSA:2023-6859:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6859:01 advisory. opensc: buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package (CVE-2023-2977). Tenable has extracted the preceding description block directly from th...
CVE-2013-6859
SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 does not properly perform authorization, which allows remote authenticated users to gain privileges via unspecified vectors...
Linux Distros Unpatched Vulnerability : CVE-2023-6859
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox...
TencentOS Server 3: thunderbird (TSSA-2024:0043)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0043 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2024-6859
The WP MultiTasking WordPress plugin through 0.1.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2020-6859
Multiple Insecure Direct Object Reference vulnerabilities in includes/core/class-files.php in the Ultimate Member plugin through 2.1.2 for WordPress allow remote attackers to change other users' profiles and cover photos via a modified user_id parameter. This is related to ajax_image_upload and...
CVE-2019-6859
A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers All versions of the following CPUs and Communication Module product references listed in the Security Notifications, which could cause the disclosure of FTP hardcoded credentials when using the Web server of the...
CGA-QXR9-6859-P6JV
Bulletin has no description...
CVE-2024-6859 WP MultiTasking <= 0.1.12 - Reflected XSS via Shortcode
The WP MultiTasking WordPress plugin through 0.1.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
WordPress WP MultiTasking Plugin <= 0.1.12 is vulnerable to Cross Site Scripting (XSS)
Software: WP MultiTasking; Type: Plugin; Vulnerable versions: = 0.1.12; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-6859; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 5ed370bec785; Credits: Bob Matyas; Required...
Ubuntu 22.04 LTS / 23.10 / 24.04 LTS : OpenSSH vulnerability (USN-6859-1)
The remote Ubuntu 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6859-1 advisory. It was discovered that OpenSSH incorrectly handled signal management. A remote attacker could use this issue to bypass authentication and...
RHEL 7 : thunderbird (RHSA-2024:0027)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0027 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla:...
CentOS: Security Advisory for firefox (CESA-2024:0026)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CentOS: Security Advisory for thunderbird (CESA-2024:0027)
The remote host is missing an update for the...
openSUSE Security Advisory (SUSE-SU-2024:0044-1)
The remote host is missing an update for the...