CVE-2026-6978

A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialcharsdecode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sqls results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...

MiracleLinux 7 : libwmf-0.2.8.4-44.el7 (AXSA:2020-679:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-679:03 advisory. gd: double free in the gdImagePtr in gdgifout.c, gdjpeg.c, and gdwbmp.c CVE-2019-6978 Tenable has extracted the preceding description block directly from the...

CVE-2025-6978

creationtimestamp| type| source ---|---|--- 2025-11-25 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-1020/ 2026-02-05 15:45:49+00:00| seen| https://www.thezdi.com/blog/2026/2/4/cve-2025-6978-arbitrary-code-execution-in-the-arista-ng-firewall 2026-02-05 16:48:26+00:00|...

TencentOS Server 3: libwmf (TSSA-2022:0059)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0059 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2025-6978

Diagnostics command injection vulnerability...

CVE-2024-6978

Cato Networks Windows SDP Client Local root certificates can be installed by low-privileged users.This issue affects SDP Client: before 5.10.28...

CVE-2023-6978

The WP Job Manager – Company Profiles plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'company' parameter in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

CVE-2020-6978

In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries...

Alibaba Cloud Linux 3 : 0059: libwmf (ALINUX3-SA-2022:0059)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0059 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-6978: The GD Graphics Library aka LibGD...

Alibaba Cloud Linux 3 : 0054: gd (ALINUX3-SA-2022:0054)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0054 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2018-14553: gdImageClone in gd.c in...

Linux Distros Unpatched Vulnerability : CVE-2019-6978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The GD Graphics Library aka LibGD 2.2.5 has a double free in the gdImagePtr functions in gdgifout.c, gdjpeg.c, and gdwbmp.c. NOTE: PHP is unaffected...

CVE-2023-6978

The WP Job Manager – Company Profiles plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'company' parameter in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

CVE-2023-6978

creationtimestamp| type| source ---|---|--- 2024-12-04 07:41:30+00:00| seen| https://infosec.exchange/users/cve/statuses/113593423627352126 2024-12-04 10:03:48+00:00| seen| https://t.me/cvedetector/11961...

CVE-2023-6978

CVE-2023-6978 affects WP Job Manager – Company Profiles (WordPress). The vulnerability is Reflected Cross-Site Scripting via the 'company' parameter in versions up to 1.7, caused by insufficient input sanitization and output escaping. Exploitation requires a user to click a crafted link (unauthen...

CVE-2023-6978 WP Job Manager – Company Profiles <= 1.7 - Reflected Cross-Site Scripting

The WP Job Manager – Company Profiles plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'company' parameter in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

Ubuntu 14.04 LTS / 16.04 LTS : XStream vulnerabilities (USN-6978-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6978-1 advisory. It was discovered that XStream incorrectly handled parsing of certain crafted XML documents. A remote attacker could possibly use this issue ...

CVE-2024-6978

creationtimestamp| type| source ---|---|--- 2024-07-31 20:10:57+00:00| seen| https://t.me/cvedetector/2154...

CVE-2024-6978

Cato Networks Windows SDP Client Local root certificates can be installed by low-privileged users.This issue affects SDP Client: before 5.10.28...

CVE-2024-6978 Cato Networks Windows SDP Client Local root certificates can be installed by low-privileged users

Cato Networks Windows SDP Client Local root certificates can be installed by low-privileged users.This issue affects SDP Client: before 5.10.28...

CVE-2024-6978 Cato Networks Windows SDP Client Local root certificates can be installed by low-privileged users

Cato Networks Windows SDP Client Local root certificates can be installed by low-privileged users.This issue affects SDP Client: before 5.10.28...