CVE-2026-10074

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing privileged local attackers to exploit Relative Path Traversal to download arbitrary system files...

CVE-2025-10074

creationtimestamp| type| source ---|---|--- 2025-09-08 03:51:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lycch7bwon2r...

CVE-2025-10074 Portabilis i-Educar tipos cross site scripting

A vulnerability was identified in Portabilis i-Educar up to 2.10. The affected element is an unknown function of the file /usuarios/tipos/. The manipulation of the argument Tipos de Usuário/Descrição leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly...

Linux Distros Unpatched Vulnerability : CVE-2016-10074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mail transport aka SwiftTransportMailTransport in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and...

RHEL 8 : firefox (RHSA-2025:10074)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:10074 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

CVE-2020-10074

GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario was discovered in which a GitLab account could be taken over through an expired link...

CVE-2015-10074

A vulnerability was found in OpenSeaMap onlinechart 1.2. It has been classified as problematic. Affected is the function init of the file index.php. The manipulation of the argument mtext leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version staging is...

CVE-2024-10074

in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free...

K46057232: Swift Mailer vulnerability CVE-2016-10074

Security Advisory Description The mail transport aka SwiftTransportMailTransport in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a " backslash double quote in a crafted e-mail address in the 1 From,...

CVE-2015-10074

OpenSeaMap online_chart 1.2 is affected by a Cross-Site Scripting in the init function of index.php, caused by unsafely handling the mtext argument. The vulnerability allows remote exploitation and has a patch in version staging; upgrading is recommended. References in connected data point to the...

SUSE: Security Advisory (SUSE-SU-2017:2263-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2175-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2280-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-10074

GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario was discovered in which a GitLab account could be taken over through an expired link...

CVE-2020-10074

GitLab 10.1–12.8.1 is affected by an Incorrect Access Control vulnerability that could allow an account takeover via an expired link. Public details in the docs identify the affected ranges and the impact; remediation mentioned in the references is to upgrade to GitLab 12.8.2 (and newer). The ava...

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2017-1208)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2017-1150)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2017-1207)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2017-1151)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-10074

CVE-2019-10074 affects Apache OFBiz where Freemarker markup in a Form Widget textarea can trigger remote code execution if encoding is disabled on that field (notably in the Customer Request “story” input of Order Manager). Root cause: disabling encoding on a user input field allows untrusted mar...