29 matches found
EUVD-2026-41452
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947. This issue affects Fireware OS 12.0 up to and...
PT-2026-55333
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947. This issue affects Fireware OS 12.0 up to and...
MINI-8M77-6947-WMXX
Bulletin has no description...
CVE-2026-6947
creationtimestamp| type| source ---|---|--- 2026-04-23 20:38:00+00:00| seen| https://www.twcert.org.tw/en/cp-139-10865-de323-2.html 2026-04-24 04:50:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mk7q3227u32z 2026-04-24 05:19:04+00:00| seen|...
MINI-QMW8-6947-94P6
Bulletin has no description...
CVE-2025-6947
creationtimestamp| type| source ---|---|--- 2025-09-16 14:42:48+00:00| seen| Telegram/AVaNMIcgVwkeFroUybKpwrMupIBtRG8mYeU-hbveQm8kWQ0...
PT-2025-37990
Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 12.0 through 12.11.2 Description A flaw exists in WatchGuard Fireware OS related to improper input handling during web page generation, potentially leading to Stored Cross-site Scripting XSS. This issue is prese...
CVE-2023-6947
The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.26. This makes it possible for authenticated attackers, with contributor level or higher to read the contents of arbitrary folders on the server, whic...
CVE-2023-6947
The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.26. This makes it possible for authenticated attackers, with contributor level or higher to read the contents of arbitrary folders on the server, whic...
CVE-2023-6947
creationtimestamp| type| source ---|---|--- 2024-12-10 05:35:56+00:00| seen| https://infosec.exchange/users/cve/statuses/113626903742328158 2024-12-10 08:16:32+00:00| seen| https://t.me/cvedetector/12483...
Rocky Linux 9 : grafana (RLSA-2024:6947)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:6947 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 Tenabl...
Oracle Linux 9 : grafana (ELSA-2024-6947)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-6947 advisory. 9.2.10-17 - Resolves RHEL-57925: CVE-2024-34156 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...
RHEL 9 : grafana (RHSA-2024:6947)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6947 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: encoding/gob: golang:...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Kerberos vulnerabilities (USN-6947-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6947-1 advisory. It was discovered that Kerberos incorrectly handled GSS message tokens where an unwrapped tok...
CVE-2024-6947
creationtimestamp| type| source ---|---|--- 2024-07-21 11:42:32+00:00| seen| https://t.me/cvedetector/1337...
CVE-2024-6947 Flute CMS Notification ContentParser.php replaceContent code injection
A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been rated as critical. This issue affects the function replaceContent of the file app/Core/Support/ContentParser.php of the component Notification Handler. The manipulation leads to code injection. The attack may be initiated remotely...
CVE-2024-6947
CVE-2024-6947 affects Flute CMS 0.2.2.4-alpha. The issue is in the replaceContent function of ContentParser.php in the Notification Handler, allowing remote code injection. The vulnerability has been publicly disclosed and can be exploited remotely. Mitigation references suggest disabling the rep...
CVE-2024-6947 Flute CMS Notification ContentParser.php replaceContent code injection
A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been rated as critical. This issue affects the function replaceContent of the file app/Core/Support/ContentParser.php of the component Notification Handler. The manipulation leads to code injection. The attack may be initiated remotely...
CVE-2018-6947
CVE-2018-6947 is an uninitialised stack variable vulnerability in the nxfuse component of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier. It enables local, low-privilege users to gain elevation of privileges on Windows 7 (32/64-bit) and can cause a denial of service o...
CVE-2016-6947
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors...