25 matches found
EVlink City < R8 V3.4.0.1 - Authentication Bypass
A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker t...
@avorati/strapi-plugin-preview (=1.0.1), @catchmexz/fedin-cms (>=5.30.1 <=5.30.2) +9 more potentially affected by CVE-2026-22707 via @strapi/upload (>=5.0.0-beta.10 <=5.33.2)
@strapi/upload NPM version =5.0.0-beta.10, =5.30.1, =2.0.2, =0.0.1, =5.0.0, =3.0.0-beta.1, =3.0.0-beta.2 - stronges =0.1.1 - test-lead =0.1.0 Source cves: CVE-2026-22707 Source advisory: SNYK:JS-STRAPIUPLOAD-16691317...
CVE-2025-22707
| creationtimestamp | type | source |
|---|---|---|
| 2026-01-08 11:08:22+00:00 | seen | https://gist.github.com/Darkcrai86/fef41f0bae83bc893ffcd86e3af25ebf |
| 2026-01-08 18:13:25+00:00 | seen | Telegram/0IylyGSboEmKCHUPY4eAowSbZvYOKrVocDJ9Z5IoL0N8fw |
| 2026-01-10 03:25:56+00:00 | seen | ... |
CVE-2025-22707
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Moody tm-moody allows PHP Local File Inclusion. This issue affects Moody: from n/a through = 2.7.3...
CVE-2023-22707
Auth. (author+) Cross-Site Scripting (XSS) vulnerability in Wpsoul Greenshift – animation and page builder blocks plugin = 4.9.9 versions...
CVE-2021-22707
| creationtimestamp | type | source |
|---|---|---|
| 2024-10-30 00:00:00+00:00 | exploited | The Shadowserver honeypot/exploited-vulnerabilities - 2024-10-30 |
| 2024-11-04 00:00:00+00:00 | exploited | The Shadowserver honeypot/exploited-vulnerabilities - 2024-11-04 |
| 2024-11-10 00:00:00+00:00 | exploited | The... |
CVE-2024-30340 Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit...
CVE-2024-30340
CVE-2024-30340 describes a Foxit PDF Reader annotation handling vulnerability where inadequate validation of user-supplied data in Annotation objects can cause an out-of-bounds read, leading to information disclosure. The flaw allows remote disclosure of sensitive data when a user visits a malici...
CVE-2023-22707
| creationtimestamp | type | source |
|---|---|---|
| 2023-03-27 18:20:16+00:00 | seen | https://t.me/cibsecurity/60792... |
CVE-2023-22707
CVE-2023-22707 affects WordPress Greenshift – animation and page builder blocks plugin versions
Ubuntu: Security Advisory (USN-5903-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated lighttpd packages fix security vulnerability
In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of...
MGASA-2022-0161 Updated lighttpd packages fix security vulnerability
In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of...
openSUSE 15 Security Update : lighttpd (openSUSE-SU-2022:0024-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0024-1 advisory. - In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes...
OPENSUSE-SU-2022:0024-1 Security update for lighttpd
This update for lighttpd fixes the following issues: lighttpd was updated to 1.4.64: CVE-2022-22707: off-by-one stack overflow in the mod_extforward plugin (boo#1194376); graceful restart/shutdown timeout changed from 0 (disabled) to 8 seconds. configure an alternative with: server.feature-flags +=...
OESA-2022-1491 lighttpd security update
Secure, fast, compliant and very flexible web-server which has been optimized for high-performance environments. It has a very low memory footprint compared to other webservers and takes care of cpu-load. Its advanced feature-set FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many more...
Debian DSA-5040-1 : lighttpd - security update
The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5040 advisory. An out-of-bounds memory access was discovered in the mod_extforward plugin of the lighttpd web server, which may result in denial of service. For the oldstable...
[SECURITY] [DSA 5040-1] lighttpd security update
Debian Security Advisory DSA-5040-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 11, 2022 https://www.debian.org/security/faq -...
CVE-2022-22707
| creationtimestamp | type | source |
|---|---|---|
| 2022-01-06 12:40:49+00:00 | seen | https://t.me/cibsecurity/35025... |
CVE-2022-22707
CVE-2022-22707 affects lighttpd 1.4.46–1.4.63 via the mod_extforward_Forwarded function, causing a stack-based buffer overflow (4-byte boundary) that can lead to remote denial of service. The issue is more likely on 32-bit systems and occurs in non-default Forwarded header handling. Connected adv...