42 matches found
CVE-2024-6997 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-6997
A security vulnerability has been detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This impacts an unknown function of the component New RMON History Page. The manipulation of the argument Owner leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been...
ECHO-6997-45FE-7CD8
Bulletin has no description...
MAL-2025-6997 Malicious code in 254-shades-of-grey (npm)
The package 254-shades-of-grey was found to contain malicious code...
WordPress ThemeREX Addons plugin <= 2.35.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trx_addons_get_svg_from_file Function vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via trx_addons_get_svg_from_file Function vulnerability discovered by stealthcopter in WordPress Plugin ThemeREX Addons versions <= 2.35.1.1...
CVE-2025-6997 ThemeREX Addons <= 2.35.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trx_addons_get_svg_from_file Function
The ThemeREX Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.35.1.1 due to insufficient input sanitization and output escaping. The plugin’s SVG rendering routine calls the trx_addons_get_svg_from_file function on an...
CVE-2025-6997
CVE-2025-6997 : ThemeREX Addons for WordPress is vulnerable to a stored cross-site scripting (XSS) via SVG uploads in versions
CVE-2019-6997
An issue was discovered in GitLab Community and Enterprise Edition 10.x starting in 10.7 and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. System notes contain an access control issue that permits a guest user to view merge request titles...
CVE-2006-6997
Unspecified vulnerability in a cryptographic feature in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 leads to "weakened authentication security" with unknown impact and attack vectors. NOTE: due to lack of details, it is not clear...
Linux Distros Unpatched Vulnerability : CVE-2024-6997
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Tabs in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially...
CentOS 7 : firefox (RHSA-2022:6997)
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6997 advisory. - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Nessus has not tested for this issue but has...
Oracle Linux 9 : kernel (ELSA-2024-6997)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6997 advisory. - ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses CKI Backport Bot RHEL-42783 CVE-2024-26947 - tty: n_gsm: fix possible...
CGA-6997-4VMW-M8CQ
Bulletin has no description...
RHEL 9 : kernel (RHSA-2024:6997)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6997 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: uio: Fix use-after-free in...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : LibTIFF vulnerability (USN-6997-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6997-1 advisory. It was discovered that LibTIFF incorrectly handled memory. An attacker could possibly use this issue to cause the...
CVE-2024-6997
creationtimestamp | type | source
---|---|---
2024-08-06 19:12:04+00:00 | seen | https://t.me/cvedetector/2601...
CVE-2024-6997
Use after free in Tabs in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
Fedora 40 : chromium (2024-3a1a0a664e)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3a1a0a664e advisory. update to 127.0.6533.88 Critical CVE-2024-6990: Uninitialized Use in Dawn High CVE-2024-7255: Out of bounds read in WebTransport High CVE-2024-7256:...