45 matches found
CVE-2026-6991 colinhacks Zod CUID Data Type regexes.ts sql injection
A vulnerability was determined in colinhacks Zod up to 4.3.6. The impacted element is an unknown function of the file packages/zod/src/v4/core/regexes.ts of the component CUID Data Type Handler. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit h...
WordPress KALLYAS - Creative eCommerce Multi-Purpose WordPress Theme Theme <= 4.21.0 is vulnerable to Local File Inclusion
Software KALLYAS - Creative eCommerce Multi-Purpose WordPress Theme Type Theme Vulnerable versions <= 4.21.0 Fixed in 4.22.0 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2025-6991 Patch priority Low CVSS severity Low 7.5 Developer EPC PSID 34bd1e68ee25 Credits stealthcopt...
Linux Distros Unpatched Vulnerability : CVE-2024-6991
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Dawn in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromiu...
electron{29,30} -- multiple vulnerabilities
Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-6776. Security: backported fix for CVE-2024-6778. Security: backported fix for CVE-2024-6777. Security: backported fix for CVE-2024-6773. Security: backported fix for CVE-2024-6774...
electron31 -- multiple vulnerabilities
Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-6989. Security: backported fix for CVE-2024-6991...
CVE-2024-6991
creationtimestamp | type | source
---|---|---
2024-08-06 19:12:21+00:00 | seen | https://t.me/cvedetector/2612...
CVE-2024-6991
Use after free in Dawn in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Fedora 40 : chromium (2024-3a1a0a664e)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3a1a0a664e advisory. update to 127.0.6533.88 Critical CVE-2024-6990: Uninitialized Use in Dawn High CVE-2024-7255: Out of bounds read in WebTransport High CVE-2024-7256:...
Fedora 39 : chromium (2024-f2e57b108e)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f2e57b108e advisory. update to 127.0.6533.72 CVE-2024-6988: Use after free in Downloads CVE-2024-6989: Use after free in Loader CVE-2024-6991: Use after free in Dawn...
Chromium: CVE-2024-6991 Use after free in Dawn
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Stable Channel Update for Desktop
The Stable channel has been updated to 127.0.6533.72/73 for Windows, Mac and 127.0.6533.72 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept restricte...
Google Chrome < 127.0.6533.72 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 127.0.6533.72. It is, therefore, affected by multiple vulnerabilities as referenced in the 202407stable-channel-update-for-desktop23 advisory. - Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a remo...
CVE-2023-6991
creationtimestamp | type | source
---|---|---
2024-01-15 17:27:43+00:00 | seen | https://t.me/ctinow/168477
2024-02-03 14:21:15+00:00 | seen | https://t.me/ctinow/178552...
CVE-2023-6991
The JSM file_get_contents() Shortcode WordPress plugin before 2.7.1 does not validate one of its shortcode's parameters before making a request to it, which could allow users with contributor role and above to perform SSRF attacks...
CVE-2023-6991
CVE-2023-6991 relates to the WordPress plugin “JSM file_get_contents() Shortcode” (before 2.7.1). The vulnerability arises because one shortcode parameter is not validated before making an outbound request, enabling users with a contributor role or higher to trigger server-side requests (SSRF). A...
CVE-2023-6991 JSM file_get_contents() Shortcode < 2.7.1 - Contributor+ SSRF
The JSM file_get_contents() Shortcode WordPress plugin before 2.7.1 does not validate one of its shortcode's parameters before making a request to it, which could allow users with contributor role and above to perform SSRF attacks...
CVE-2023-5442
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-6991. Reason: This candidate is a reservation duplicate of CVE-2023-6991. Notes: All CVE users should reference CVE-2023-43226 instead of this candidate. All references and descriptions in this candidate have been...
Moxa EDS-G516E and EDS-510E Series Ethernet Switches Weak Password Requirements (CVE-2020-6991)
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an attacker to gain access using brute force. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.