13 matches found
MiracleLinux 9 : golang-1.24.4-1.el9_6 (AXSA:2025-10627:03)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10627:03 advisory. net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 Tenable has extracted the preceding description block directly fr...
CVE-2025-10627
creationtimestamp | type | source
---|---|---
2025-09-18 03:18:07+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lz3faocqjj2c...
CVE-2025-10627 SourceCodester Online Exam Form Submission delete_user.php SQL injection
A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. This affects an unknown part of the file /admin/deleteuser.php. Such manipulation of the argument ID leads to SQL injection. The attack can be executed remotely. The exploit has been disclosed to the public and may ...
HP Multiple Products Buffer Overflow (CVE-2019-10627)
Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS...
CVE-2024-10627
CVE-2024-10627 affects WooCommerce Support Ticket System for WordPress. The vulnerability is an arbitrary file upload flaw caused by missing file type validation in the ajax_manage_file_chunk_upload() function, present in all versions up to 17.7. The issue allows unauthenticated attackers to uplo...
WordPress WooCommerce Support Ticket System Plugin <= 17.7 is vulnerable to Arbitrary File Upload
Software: WooCommerce Support Ticket System; Type: Plugin; Vulnerable versions: <= 17.7; Fixed in: 17.8; OWASP Top 10: A1: Injection; Classification: Arbitrary File Upload; CVE: CVE-2024-10627; Patch priority: High; CVSS severity: High 10; PSID: 8e050fff0484; Credits: Tonn; Required privilege...
CVE-2020-10627
creationtimestamp | type | source
---|---|---
2021-12-01 18:40:04+00:00 | seen | https://t.me/cibsecurity/33207...
CVE-2020-10627
CVE-2020-10627 affects Insulet Omnipod Insulin Management System models with product IDs 19191 and 40160. The vulnerability stems from a wireless RF communication protocol between the insulin pump and the manufacturer’s Personal Diabetes Manager that does not properly implement authentication or ...
Insulet Omnipod
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit/public exploits are known for this vulnerability Vendor: Insulet Equipment: Omnipod Insulin Management System Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...
CVE-2019-10627
CVE-2019-10627 is an integer overflow to buffer overflow in PostScript image handling used by PostScript- and PDF-compatible interpreters in IPS-based HP Inkjet printers prior to 2019.2. The root cause is incorrect buffer size calculation, enabling a vulnerability that can overflow buffers in aff...
scalajs-standalone-bin (>=0.1.0 <=0.4.3), tpr (>=0.2.0 <=0.2.2) potentially affected by CVE-2016-10627 via scala-bin (>=0.2.1 <=0.3.3)
scala-bin NPM version =0.2.1, =0.1.0, =0.2.0, =0.2.2 Source cves: CVE-2016-10627 Source advisory: OSV:GHSA-3VV5-42WR-M32G...
CVE-2018-10627
CVE-2018-10627 affects Echelon SmartServer 1 (all versions), SmartServer 2 (all versions before 4.11.007), i.LON 100 (all versions), and i.LON 600 (all versions; not affecting i.LON 600 per some sources). The flaw enables information disclosure via the SOAP API, allowing an attacker to retrieve a...
CVE-2016-10627
The CVE-2016-10627 case involves scala-bin, a binary wrapper for Scala that downloads binaries over HTTP. The documented vulnerability is a MITM risk: an attacker on the network path could intercept the HTTP response and substitute a malicious binary, potentially enabling remote code execution on...