75 matches found
Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion
A directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. id: CVE-2010-2507 info: name:...
CVE-2026-2507
creationtimestamp | type | source
---|---|---
2026-02-18 17:23:26+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mf5lt2ytbd25
2026-02-18 17:23:38+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mf5ltgkt3r2c
2026-02-18 17:24:19+00:00 | seen | ...
K000160003: BIG-IP TMM vulnerability CVE-2026-2507
Security Advisory Description: When BIG-IP AFM or BIG-IP DDoS Hybrid Defender is provisioned, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. (CVE-2026-2507) Impact: Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote,...
F5 Networks BIG-IP : BIG-IP TMM vulnerability (K000160003)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.5.1.5 / Hotfix-BIGIP-17.5.1.4.0.17.20-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000160003 advisory. When BIG-IP AFM or BIG-IP DDoS Hybrid Defender is provisioned, undisclosed traffic...
EUVD-2026-2507
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect num_connectors capability. The UCSI spec states that the num_connectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...
EUVD-2022-2507
Malicious code in bioql PyPI...
RHEL 7 : qemu-kvm-rhev (RHSA-2019:2507)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2507 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the...
CVE-2024-2507 JetWidgets For Elementor <= 1.0.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Button URL
The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget button URL in all versions up to, and including, 1.0.16 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-2507
CVE-2024-2507 affects JetWidgets For Elementor plugin for WordPress. All versions up to and including 1.0.16 are vulnerable to Stored Cross-Site Scripting via the widget button URL due to insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authen...
WordPress JetWidgets For Elementor Plugin <= 1.0.16 is vulnerable to Cross Site Scripting (XSS)
Software: JetWidgets For Elementor; Type: Plugin; Vulnerable versions: <= 1.0.16; Fixed in: 1.0.17; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-2507; Patch priority: Low; CVSS severity: Low (6.5); PSID: 5d49ae8fd6e0; Credits: João Pedro...
Malicious code in wlwz-2312-2507 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9630c448c9ebe05f090043d1c871120b1d4a782e562ff5350ade4dde5c25b71b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2019-2507
creationtimestamp | type | source
---|---|---
2023-11-15 16:53:23+00:00 | published-proof-of-concept | https://t.me/BABATATASASA/5991
...
CVE-2023-2507
CVE-2023-2507 affects CleverTap Cordova Plugin (version 2.6.2). The vulnerability arises from improper validation of data from deeplinks, allowing a remote attacker to execute JavaScript in apps opened via a crafted deeplink (XSS/remote code execution-like behavior described in sources). A patch ...
CVE-2022-2507
Technical details about CVE-2022-2507 are not publicly available in the provided documents; monitor official advisories and vendor updates for further information.
SUSE CVE-2019-2507
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol...
QNAP Helpdesk Multiple Vulnerabilities (QSA-20-08)
The version of QNAP QTS Helpdesk is affected by multiple vulnerabilities as follows:
- If exploited, this improper access control vulnerability could allow attackers to compromise the security of the software by gaining privileges, or reading sensitive information. (CVE-2020-2506)
- If exploited,...
CVE-2020-2507
creationtimestamp | type | source
---|---|---
2021-02-03 18:49:18+00:00 | seen | https://t.me/cibsecurity/23013
2024-12-19 00:00:00+00:00 | exploited | The Shadowserver honeypot/exploited-vulnerabilities - 2024-12-19
2024-12-27 00:00:00+00:00 | exploited | The Shadowserver...
CVE-2020-2507
The vulnerability has been reported to affect earlier versions of QTS. If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3...
CVE-2020-2507
CVE-2020-2507 is a command injection vulnerability in QNAP QTS Helpdesk prior to version 3.0.3. Exploitation could allow remote attackers to execute arbitrary commands with no authentication, as reported in multiple sources. The issue is tied to Helpdesk (improper access control) and is reference...
CVE-2020-2507
The vulnerability has been reported to affect earlier versions of QTS. If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3. Recent assessments: Assessed Attacker Value: 0...