36 matches found
Oracle Linux 10 : nginx (ELSA-2026-6906)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6906 advisory. - Resolves: RHEL-157874 CVE-2026-32647 nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files - Resolves: RHEL-159433...
CVE-2025-6906
creationtimestamp| type| source ---|---|--- 2025-06-30 13:08:51+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19929 2025-06-30 17:41:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lstq73ykco2i...
CVE-2025-6906 code-projects Car Rental System login.php sql injection
A vulnerability classified as critical has been found in code-projects Car Rental System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : python-zipp vulnerability (USN-6906-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6906-1 advisory. It was discovered that python-zipp did not properly handle the zip files with malformed names. An attacker could possibly use this issue t...
CVE-2024-6906
creationtimestamp| type| source ---|---|--- 2024-07-19 12:51:58+00:00| seen| https://t.me/cvedetector/1210...
CVE-2024-6906 SourceCodester Record Management System add_leave_non_user.php sql injection
A vulnerability was found in SourceCodester Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file addleavenonuser.php. The manipulation of the argument LSS leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2024-6906 SourceCodester Record Management System add_leave_non_user.php sql injection
A vulnerability was found in SourceCodester Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file addleavenonuser.php. The manipulation of the argument LSS leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2024-6906
CVE-2024-6906 affects SourceCodester Record Management System v1.0. The vulnerability is in add_leave_non_user.php where manipulation of the LSS parameter leads to SQL injection, exploitable remotely (no user interaction). Multiple sources confirm the issue and that exploit information is publicl...
Malicious code in wlwz-2312-6906 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd3a57595d825a746d705cb42d784fdd656532e9bc895396f404c33509303ec1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-797 Malicious code in wlwz-2312-6906 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd3a57595d825a746d705cb42d784fdd656532e9bc895396f404c33509303ec1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-6906
creationtimestamp| type| source ---|---|--- 2024-01-12 06:56:52+00:00| seen| https://t.me/ctinow/167091...
CVE-2023-6906
Summary: CVE-2023-6906 affects Totolink A7100RU. The issue resides in the HTTP POST Request Handler, specifically the function main in the file /cgi-bin/cstecgi.cgi?action=login, where the e8 parameter input is not properly validated, causing a buffer overflow. This condition can be triggered rem...
CVE-2023-6906 Totolink A7100RU HTTP POST Request main buffer overflow
A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag with the input ie8 leads to buffer...
CVE-2020-6906
...
CVE-2020-6906
This CVE-2020-6906 entry is rejected and not used.
CVE-2018-6906
The CVE-2018-6906 entry concerns a persistent Cross-Site Scripting (XSS) vulnerability in Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 Web Application. According to the sources, an attacker can inject arbitrary JavaScript through the REST API, enabling an XSS exposure tha...
CVE-2015-6906
The CVE-2015-6906 entry is rejected/not used and does not represent an active vulnerability.
CVE-2015-6906
...
USN-3213-1: GD library vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Stefan Esser discovered that the GD library incorrectly handled memory when processing certain images. If a user or automated system were tricked into processing a specially crafted image, an attacker cou...
CVE-2016-6906
CVE-2016-6906 affects the GD Graphics Library (libgd) read_image_tga in gd_tga.c, vulnerable before 2.2.4 due to an out-of-bounds read in the TGA decompression buffer when processing crafted images. This can cause denial of service; potential for remote impact is indicated in related advisories, ...