CVE-2026-8684

creationtimestamp| type| source ---|---|--- 2026-05-22 12:32:08+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mmgwvthkju2s 2026-05-22 12:59:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmgygak4y32n 2026-05-26 06:38:53+00:00| seen|...

MINI-C86M-V6R9-8684

Bulletin has no description...

CVE-2025-8684

The Flatsome Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the theme's shortcodes in all versions up to, and including, 3.20.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

CVE-2025-8684

creationtimestamp| type| source ---|---|--- 2025-09-05 05:30:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ly2wm3p3p52v...

WordPress Flatsome Theme <= 3.20.0 is vulnerable to Cross Site Scripting (XSS)

Software Flatsome Type Theme Vulnerable versions = 3.20.0 Fixed in 3.20.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2025-8684 Patch priority Low CVSS severity Low 6.5 Developer EPC PSID 9ed70267df34 Credits stealthcopter Required privilege Contribut...

CVE-2020-8684

Improper access control in firmware for IntelR PAC with ArriaR 10 GX FPGA before Intel Acceleration Stack version 1.2.1 may allow a privileged user to potentially enable escalation of privilege via local access...

Linux Distros Unpatched Vulnerability : CVE-2019-8684

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3,...

CVE-2024-8684

OS Command Injection vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH. This vulnerability could allow an authenticated attacker to execute OS commands on the device via the ‘php/dal.php’ endpoint, in the ‘arrSaveConfig’ parameter...

CVE-2024-8684

OS Command Injection vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH. This vulnerability could allow an authenticated attacker to execute OS commands on the device via the ‘php/dal.php’ endpoint, in the ‘arrSaveConfig’ parameter...

CVE-2024-8684

CVE-2024-8684 describes an OS command injection in Revolution Pi (KUNBUS GmbH) via the php/dal.php endpoint, in the arrSaveConfig parameter. The vulnerability affects Revolution Pi 2022-07-28-revpi-buster and can be exploited by an authenticated attacker to execute OS commands. Available connecte...

CVE-2024-8684 OS Command Injection vulnerability in Revolution Pi

OS Command Injection vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH. This vulnerability could allow an authenticated attacker to execute OS commands on the device via the ‘php/dal.php’ endpoint, in the ‘arrSaveConfig’ parameter...

Directory traversal

A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client with remote control access to a game server to read arbitrary files from the underlying server via the motdfile console variable...

Valve Counter-Strike 2 Path Traversal Vulnerability

Valve Counter-Strike 2 is an online game by Valve Corporation. A security vulnerability exists in Valve Counter-Strike 2 version 8684, which stems from the presence of a directory traversal vulnerability that allows an attacker to read arbitrary files from the underlying server via the motdfile...

CVE-2023-38312

CVE-2023-38312 affects Valve Counter-Strike 8684: a directory traversal via the motdfile console variable allows a client with remote access to read arbitrary server files. Root cause: directory traversal vulnerability in the game server component. Impact: potential exposure of sensitive server f...

PT-2023-26352 · Valve · Valve Counter-Strike

Name of the Vulnerable Software and Affected Versions: Valve Counter-Strike version 8684 Description: A directory traversal issue allows a client with remote control access to a game server to read arbitrary files from the underlying server via the motdfile console variable. Recommendations: For...

CVE-2023-38312

A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client with remote control access to a game server to read arbitrary files from the underlying server via the motdfile console variable...

PT-2023-25346 · Valve · Counter-Strike

Name of the Vulnerable Software and Affected Versions: Counter-Strike versions through 8684 Description: A buffer overflow issue allows a game server to execute arbitrary code on a remote client's machine. This is achieved by modifying the lservercfgfile console variable. Recommendations: For...

Debian: Security Advisory (DLA-683-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2016-0357)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2019-0281)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...