CVE-2026-10777

creationtimestamp| type| source ---|---|--- 2026-06-04 01:11:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnggx2rp4b2g 2026-06-04 02:57:38+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mngmuf4q332f...

CVE-2025-10777 JSC R7 R7-Office Document Server downloadas path traversal

A flaw has been found in JSC R7 R7-Office Document Server up to 20250820. Impacted is an unknown function of the file /downloadas/. Executing manipulation of the argument cmd can lead to path traversal. The attack can be launched remotely. Upgrading to version 2025.3.1.923 is recommended to addre...

CVE-2024-10777

The AnyWhere Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.11 via the 'INSERTELEMENTOR' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...

CVE-2024-10777 AnyWhere Elementor <= 1.2.11 - Authenticated (Contributor+) Post Disclosure

The AnyWhere Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.11 via the 'INSERTELEMENTOR' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...

SUSE CVE-2018-10777

Buffer overflow in the WriteMP3GainAPETag function in apetag.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact...

CVE-2020-10777

creationtimestamp| type| source ---|---|--- 2020-08-11 16:55:11+00:00| seen| https://t.me/cibsecurity/14027...

CVE-2020-10777

A cross-site scripting flaw was found in Report Menu feature of Red Hat CloudForms 4.7 and 5. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms...

CVE-2020-10777

CVE-2020-10777 is a cross-site scripting vulnerability in Red Hat CloudForms (Report Menu title) affecting CloudForms 4.7 and 5. The issue arises from improper sanitization of HTML/JavaScript in the report menu title, enabling a stored XSS attack against an application administrator. Public sourc...

CVE-2020-10777

A cross-site scripting flaw was found in Report Menu feature of Red Hat CloudForms 4.7 and 5. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms...

CVE-2019-10777

CVE-2019-10777 affects aws-lambda prior to v1.0.5. The vulnerability arises because config.FunctioName is used to assemble the argument for exec without sanitization, enabling an attacker to inject arbitrary commands into the zipCmd executed via config.FunctionName. Impact ranges from partial to ...

CVE-2019-10777

In aws-lambda versions prior to version 1.0.5, the "config.FunctioName" is used to construct the argument used within the "exec" function without any sanitization. It is possible for a user to inject arbitrary commands to the "zipCmd" used within "config.FunctionName"...

@xapp/stentor (>=1.13.9 <=1.15.0) potentially affected by CVE-2019-10777 via aws-lambda (>=1.0.0 <=1.0.4)

aws-lambda NPM version =1.0.0, =1.13.9, =1.15.0 Source cves: CVE-2019-10777 Source advisory: SNYK:JS-AWSLAMBDA-540839...

CVE-2016-10777

creationtimestamp| type| source ---|---|--- 2019-08-06 16:40:39+00:00| seen| https://t.me/cibsecurity/5948...

CVE-2016-10777

cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodiscoverhost SEC-177...

CVE-2016-10777

Summary of CVE-2016-10777 : The vulnerability affects cPanel before 60.0.25 and is described as a self‑XSS in the WHM Tweak Settings for the parameter autodiscover_host (SEC-177). The issue originates from insufficient input handling in the affected web interface, enabling an attacker to cause cl...

CVE-2018-10777

CVE-2018-10777 is a buffer overflow in the WriteMP3GainAPETag function in apetag.c of MP3Gain (up to version 1.5.2-r2). The vulnerability allows remote attackers to cause a denial of service (application crash) or possibly other impact. Affected software is MP3Gain/mpglibDBL usage as noted in OSV...