MINI-W8MC-96CM-6996

Bulletin has no description...

CVE-2026-6996 BDCOM P3310D rmon event Tab cross site scripting

A weakness has been identified in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This affects an unknown function of the component rmon event Tab. Executing a manipulation of the argument Description can lead to cross site scripting. The attack may be launched remotely. The exploit has been made availab...

CVE-2025-6996

creationtimestamp| type| source ---|---|--- 2025-07-08 16:23:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lthpk7y6n325 2025-07-11 22:51:58+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3ltpwo4vbek2o...

CVE-2025-6996

CVE-2025-6996 concerns Ivanti Endpoint Manager. The issue is an improper use of encryption in the agent that, on affected versions prior to 2024 SU3 and prior to 2022 SU8 Security Update 1, could let a local authenticated attacker decrypt other users’ passwords. The vulnerability affects Ivanti E...

Linux Distros Unpatched Vulnerability : CVE-2024-6996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing v...

Ubuntu: Security Advisory (USN-6996-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS / 24.04 LTS : WebKitGTK vulnerabilities (USN-6996-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6996-1 advisory. Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website,...

CVE-2024-6996

creationtimestamp| type| source ---|---|--- 2024-08-06 19:12:15+00:00| seen| https://t.me/cvedetector/2609 2025-03-13 13:44:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7409...

CVE-2024-6996

Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-6996

Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-6996

Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

qt5-webengine -- Multiple vulnerabilities

Backports for 6 security bugs in Chromium: CVE-2024-5496: Use after free in Media Session CVE-2024-5846: Use after free in PDFium CVE-2024-6291: Use after free in Swiftshader CVE-2024-6989: Use after free in Loader CVE-2024-6996: Race in Frames CVE-2024-7536: Use after free in WebAudio...

Fedora 40 : chromium (2024-3a1a0a664e)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3a1a0a664e advisory. update to 127.0.6533.88 Critical CVE-2024-6990: Uninitialized Use in Dawn High CVE-2024-7255: Out of bounds read in WebTransport High CVE-2024-7256:...

Fedora 39 : chromium (2024-f2e57b108e)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f2e57b108e advisory. update to 127.0.6533.72 CVE-2024-6988: Use after free in Downloads CVE-2024-6989: Use after free in Loader CVE-2024-6991: Use after free in Dawn...

Chromium: CVE-2024-6996 Race in Frames

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Stable Channel Update for Desktop

The Stable channel has been updated to 127.0.6533.72/73 for Windows, Mac and 127.0.6533.72 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept restricte...

Google Chrome < 127.0.6533.72 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 127.0.6533.72. It is, therefore, affected by multiple vulnerabilities as referenced in the 202407stable-channel-update-for-desktop23 advisory. - Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a remo...

CVE-2023-6996

creationtimestamp| type| source ---|---|--- 2024-02-10 17:46:33+00:00| seen| https://t.me/ctinow/182616 2025-05-08 21:25:37+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15625...

CVE-2023-6996 Display custom fields in the frontend – Post and User Profile Fields <= 1.2.1 - Authenticated (Contributor+) Code Injection

The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Code Injection via the plugin's vgdisplaydata shortcode in all versions up to, and including, 1.2.1 due to insufficient input validation and restriction on access to that shortcode. This...

CVE-2023-6996

The vulnerability CVE-2023-6996 affects the WordPress plugin Display custom fields in the frontend – Post and User Profile Fields, via the vg_display_data shortcode. Root cause: insufficient input validation and access restriction on the shortcode, enabling authenticated attackers with contributo...