CVE-2025-6971

Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted CATPRODUCT file...

CVE-2025-6971 Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025

Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted CATPRODUCT file...

CVE-2024-6971 Path Traversal in parisneo/lollms-webui

A path traversal vulnerability exists in the parisneo/lollms-webui repository, specifically in the lollmsfilesystem.py file. The functions addragdatabase, togglemountragdatabase, and vectorizefolder do not implement security measures such as sanitizepathfromendpoint or sanitizepath. This allows a...

Ubuntu: Security Advisory (USN-6971-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-6971-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6971-1 advisory. It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximat...

WordPress Backup Migration Plugin 1.0.8-1.3.9 is vulnerable to Remote File Inclusion

Software Backup Migration Type Plugin Vulnerable versions 1.0.8-1.3.9 Fixed in 1.4.0 OWASP Top 10 A5: Security Misconfiguration Classification Remote File Inclusion CVE CVE-2023-6971 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID e70590c9be58 Credits NP3228 - NFlabs...

CVE-2023-6971

creationtimestamp| type| source ---|---|--- 2023-12-23 03:22:36+00:00| seen| https://t.me/ctinow/158685 2024-01-18 09:41:37+00:00| seen| https://t.me/ctinow/169633...

CVE-2023-6971

The Backup Migration plugin for WordPress (versions 1.0.8–1.3.9) is affected by CVE-2023-6971 due to a Remote File Inclusion via the content-dir header, enabling unauthenticated code execution when PHP is configured with allow_url_include=-on. The issue is exploitable under specific PHP configura...

AlienVault OSSIM Remote Code Execution (CVE-2017-6971)

A remote code execution vulnerability exists in AlienVault OSSIM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVE-2020-6971

CVE-2020-6971 affects Emerson ValveLink software, specifically ValveLink v12.0.264 to v13.4.118. The issue is improper access control that may allow a local, unprivileged, trusted insider to escalate privileges due to insecure configuration parameters. CVSS v3 base score is 7.8 (LOCAL, LOW PR, HI...

Emerson ValveLink

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Emerson Equipment: ValveLink Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...

TP-Link TL-WR1043ND 2 - Authentication Bypass

Exploit Title: TP-Link TL-WR1043ND 2 - Authentication Bypass Date: 2019-06-20 Exploit Author: Uriel Kosayev Vendor Homepage: https://www.tp-link.com Version: TL-WR1043ND V2 Tested on: TL-WR1043ND V2 CVE : CVE-2019-6971 CVE Link: https://nvd.nist.gov/vuln/detail/CVE-2019-6971 import requests ascii...

TP-Link TL-WR1043ND 2 Authentication Bypass

Exploit Title: TP-Link TL-WR1043ND 2 - Authentication Bypass Date: 2019-06-20 Exploit Author: Uriel Kosayev Vendor Homepage: https://www.tp-link.com Version: TL-WR1043ND V2 Tested on: TL-WR1043ND V2 CVE : CVE-2019-6971 CVE Link: https://nvd.nist.gov/vuln/detail/CVE-2019-6971 import requests ascii...

TP-Link TL-WR1043ND 2 - Authentication Bypass

TP-Link TL-WR1043ND 2 - Authentication Bypass Exploit Title: TP-Link TL-WR1043ND 2 - Authentication Bypass Date: 2019-06-20 Exploit Author: Uriel Kosayev Vendor Homepage: https://www.tp-link.com Version: TL-WR1043ND V2 Tested on: TL-WR1043ND V2 CVE : CVE-2019-6971 CVE Link:...

CVE-2019-6971

An issue was discovered on TP-Link TL-WR1043ND V2 devices. An attacker can send a cookie in an HTTP authentication packet to the router management web interface, and fully control the router without knowledge of the credentials...

CVE-2019-6971

CVE-2019-6971 affects TP-Link TL-WR1043ND V2 routers. The issue is an authentication bypass: an attacker can send a cookie in an HTTP authentication packet to the router management Web UI and gain full control without credentials. Public exploitation exists (e.g., TP-Link TL-WR1043ND 2 - Authenti...

VMSA-2018-0018 : VMware Horizon View Agent, VMware ESXi, Workstation, and Fusion updates resolve multiple security issues

a. VMware Horizon View Agent local information disclosure vulnerability VMware Horizon View Agents contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during...

CVE-2018-6971

CVE-2018-6971 affects VMware Horizon View Agent (7.x.y before 7.5.1). The vulnerability arises from insecure logging of credentials in the vmmsi.log during installation (including silent installs), allowing low-privileged users to access credentials specified during Horizon View Agent installatio...

KLA11296 DoS vulnerability in VMware products

Multiple vulnerabilities were found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A NULL pointer dereference vulnerability was found in VMware Workstation and Fusion. By exploiting...

VMSA-2018-0018:VMware Horizon View Agent, VMware ESXi, Workstation, and Fusion updates resolve multiple security issues

VMSA-2018-0018 VMware Horizon View Agent, VMware ESXi, Workstation, and Fusion updates resolve multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0018 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware Horizon View...