125 matches found
CVE-2026-2078 yeqifu warehouse Permission Management PermissionController.java deletePermission improper authorization
A vulnerability was detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addPermission/updatePermission/deletePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\PermissionController.java of the component...
EUVD-2026-2078
Clickjacking issue, information disclosure in the PDF Viewer component. This vulnerability affects Firefox 147 and Firefox ESR 140.7...
EUVD-2021-2078
Malware in sbrugna...
CVE-2020-2078
Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. An authorized attacker could access these stored plaintext credentials and gain access to the ftp service. Storing a password in plaintext allows attackers to easily gain...
CVE-2025-2078
The BlogBuzzTime for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissio...
CVE-2025-2078
creationtimestamp | type | source
---|---|---
2025-03-12 03:44:27+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7262...
CVE-2025-2078 BlogBuzzTime-for-wp <= 1.1 - Authenticated (Admin+) Stored Cross-Site Scripting
The BlogBuzzTime for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissio...
Linux Distros Unpatched Vulnerability : CVE-2022-2078
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse function. This flaw allows an attacker to trigger a buffer overflow via...
CVE-2024-2078
creationtimestamp | type | source
---|---|---
2024-03-01 13:21:59+00:00 | seen | https://t.me/ctinow/197594
2024-03-01 13:26:34+00:00 | seen | https://t.me/ctinow/197598
2025-04-16 20:56:17+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/12156...
CVE-2024-2078
A Cross-Site Scripting (XSS) vulnerability has been found in HelpDeskZ affecting version 2.0.2 and earlier. This vulnerability could allow an attacker to send a specially crafted JavaScript payload within the email field and partially take control of an authenticated user's browser session...
CVE-2024-2078 Cross-Site Scripting vulnerability in HelpDeskZ
A Cross-Site Scripting (XSS) vulnerability has been found in HelpDeskZ affecting version 2.0.2 and earlier. This vulnerability could allow an attacker to send a specially crafted JavaScript payload within the email field and partially take control of an authenticated user's browser session...
CVE-2024-2078
CVE-2024-2078 is an XSS in HelpDeskZ
CVE-2012-2078
creationtimestamp | type | source
---|---|---
2024-02-26 08:11:28+00:00 | seen | https://t.me/ctinow/193142...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Rocky Linux 8 : kernel (RLSA-2022:7683)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7683 advisory. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an...
Rocky Linux 8 : kernel-rt (RLSA-2022:7444)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7444 advisory. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an...
CVE-2023-2078
Affected software/trigger: WordPress plugin “Buy Me a Coffee” (Button and Widget Plugin)
WordPress Buy Me a Coffee Plugin <= 3.7 is vulnerable to Broken Access Control
Software: Buy Me a Coffee
Type: Plugin
Vulnerable versions: <= 3.7
Fixed in: 3.8
OWASP Top 10: A5: Broken Access Control
Classification: Broken Access Control
CVE: CVE-2023-2078
Patch priority: Low
CVSS severity: Low (5.4)
PSID: 4f9e072d5272
Credits: Lana Codes
Required privilege...
Amazon Linux 2 : OpenEXR (ALAS-2023-2078)
The version of OpenEXR installed on the remote host is prior to 1.7.1-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2078 advisory. A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by...