26 matches found
CVE-2025-6946
creationtimestamp | type | source
---|---|---
2025-12-04 22:08:06+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/115663574444372667
2025-12-04 23:10:00+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m773qtqwi42q...
PT-2025-37990
Name of the Vulnerable Software and Affected Versions: WatchGuard Fireware OS versions 12.0 through 12.11.2. Description: A flaw exists in WatchGuard Fireware OS related to improper input handling during web page generation, potentially leading to Stored Cross-site Scripting (XSS). This issue is prese...
MAL-2025-6946 Malicious code in pentest-event-emitter (npm)
The package communicates with a domain associated with malicious activity.
AlmaLinux 9 : grafana-pcp (ALSA-2024:6946)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:6946 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156). Tenable...
Oracle Linux 9 : grafana-pcp (ELSA-2024-6946)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-6946 advisory. 5.1.1-3 - Resolves RHEL-57930: CVE-2024-34156. Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
RHEL 9 : grafana-pcp (RHSA-2024:6946)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:6946 advisory. The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Django vulnerabilities (USN-6946-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6946-1 advisory. It was discovered that Django incorrectly handled certain strings in floatformat function. An attacker could possibly...
CVE-2024-6946
creationtimestamp | type | source
---|---|---
2024-07-21 11:42:33+00:00 | seen | https://t.me/cvedetector/1338...
CVE-2024-6946 Flute CMS list code injection
A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been declared as critical. This vulnerability affects unknown code of the file /admin/pages/list. The manipulation of the argument blocks leads to code injection. The attack can be initiated remotely. The exploit has been disclosed to t...
WordPress Autotitle for WordPress Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Autotitle for WordPress; Type: Plugin; Vulnerable versions: <= 1.0.3; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-6946; Patch priority: Low; CVSS severity: Low 7.1; PSID: 89d669161c10; Credits: Daniel Ruf...
CVE-2023-6946
creationtimestamp | type | source
---|---|---
2024-01-29 16:26:27+00:00 | seen | https://t.me/ctinow/175373
2024-02-03 03:16:15+00:00 | seen | https://t.me/ctinow/178370
2024-02-21 16:41:27+00:00 | seen | https://t.me/ctinow/189750...
CVE-2023-6946
The Autotitle for WordPress plugin through 1.0.3 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...
CVE-2023-6946 Autotitle for WordPress <= 1.0.3 - Settings Update to Stored XSS via CSRF
The Autotitle for WordPress plugin through 1.0.3 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...
Design/Logic Flaw
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different...
CVE-2016-6946
Technical details about CVE-2016-6946 are not publicly available in the provided documents. Monitor for updates from official advisories to learn affected products, impact, and remediation.
CVE-2016-6944
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different...
CVE-2015-6947
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-6946. Reason: This issue was MERGED into CVE-2015-6946 in accordance with CVE content decisions, because it is the same type of vulnerability and affects the same versions. Notes: All CVE users should reference CVE-2015-6946...
CVE-2015-6946
CVE-2015-6946 (Borland AccuRev Reprise License Manager) involves multiple stack-based buffer overflows in the service where remote attackers can execute arbitrary code via the activate_doit (akey, actserver) or service_startup_doit (licfile) parameters. Connected advisories (ZDI) describe stack o...
CVE-2015-6947
CVE-2015-6947 has been merged into CVE-2015-6946; connected documents confirm a Borland AccuRev Reprise License Manager service vulnerability with multiple stack-based buffer overflows affecting the activate_doit function via parameters (akey, actserver) or licfile, enabling remote code execution...