MINI-6958-VRQ4-2R7G
Bulletin has no description...
RHEL 9 : freerdp (RHSA-2026:6958)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6958 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to R...
CVE-2025-6958
A vulnerability was found in Campcodes Employee Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /edit.php. The manipulation of the argument ID leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed ...
CVE-2025-6958
creationtimestamp | type | source
---|---|---
2025-07-01 15:07:55+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/20041...
Ubuntu 14.04 LTS / 18.04 LTS / 20.04 LTS : Libcroco vulnerabilities (USN-6958-1)
The remote Ubuntu 14.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6958-1 advisory. It was discovered that Libcroco was incorrectly accessing data structures when reading bytes from memory, which could cause a hea...
CVE-2024-6958 itsourcecode University Management System Avatar File st_update.php unrestricted upload
A vulnerability classified as critical was found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /stupdate.php of the component Avatar File Handler. The manipulation of the argument personalimage leads to unrestricted upload. The attack can be...
CVE-2023-6958
creationtimestamp | type | source
---|---|---
2024-01-18 09:21:36+00:00 | seen | https://t.me/ctinow/169626
2024-02-12 07:36:25+00:00 | seen | https://t.me/ctinow/182926...
CVE-2023-6958
Summary of CVE-2023-6958 (WP Recipe Maker, WordPress)
Issue: Stored Cross-Site Scripting via the plugin's shortcode attributes due to insufficient input sanitization and output escaping.
Affected: WP Recipe Maker plugin for WordPress in versions up to and including 9.1.0.
Impact: Authenticated at...
CVE-2020-6958
An XXE vulnerability in JnlpSupport in Yet Another Java Service Wrapper (YAJSW) 12.14, as used in NSA Ghidra and other products, allows attackers to exfiltrate data from remote hosts and potentially cause denial-of-service...
CVE-2020-6958
CVE-2020-6958 describes an XXE vulnerability in JAWS’ JnlpSupport (YAJSW) version 12.14, used by NSA Ghidra and others. The flaw could allow data exfiltration from remote hosts and may cause a denial of service. The provided documents do not include concrete exploit details or remediation steps. ...
CVE-2019-6958
A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Vide...
CVE-2019-6958
The CVE-2019-6958 entry concerns Bosch BVMS and related systems (BVMS v9.0 and earlier; DIVAR IP 2000–7000; Configuration Manager; BIS with Video Engine; APE; AEC; BVC; VSDK). The root cause is improper access control via the RCP+ network port allowing access without authentication. This could en...
CVE-2017-6958
An XSS vulnerability in the MantisBT Source Integration Plugin before 2.0.2 search result page allows an attacker to inject arbitrary HTML or JavaScript if MantisBT's CSP settings permit it by crafting any valid parameter...
CVE-2017-6958
The CVE-2017-6958 entry describes an XSS vulnerability in the MantisBT Source Integration Plugin (pre-2.0.2). The flaw allows an attacker to inject arbitrary HTML/JavaScript via crafted parameters on the plugin’s search results page, potentially exploiting CSP allowances in MantisBT. Affected com...
CVE-2016-6958
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass intended access restrictions via unspecified vectors...
CVE-2016-6958
CVE-2016-6958 concerns Adobe Reader and Acrobat on Windows and macOS. The vulnerability enables an attacker to bypass intended access restrictions in several affected builds: Adobe Reader and Acrobat before 11.0.18, and Acrobat/Reader DC Classic before 15.006.30243, or Continuous before 15.020.20...
Adobe Acrobat and Reader Security Bypass (APSB16-33: CVE-2016-6957; CVE-2016-6958)
This vulnerability is an instance of a security bypass in Adobe Reader JavaScript engine. This vulnerability could be exploited to bypass the engine security restrictions. Successful exploitation of this issue could allow an attacker to execute privileged JavaScript functions...
CVE-2014-6958
The affected software is the ISMRM-ESMRMB 2014 Android app (com.coreapps.android.followme.ismrm_esmrmb14), version 6.0.8.5. The root cause is that the application does not verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and obtain sensitive inform...
CVE-2013-6958
Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet...
CVE-2013-6958
CVE-2013-6958 affects Juniper ScreenOS/NetScreen Firewall: Ping of Death screen disabled in ScreenOS 5.4, 6.2, or 6.3 allows remote attackers to cause a denial-of-service via a crafted packet. Affected versions include ScreenOS 5.4, 6.2, 6.3; the vulnerability stems from how ICMP echo requests ar...