31 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-25707
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to...
CVE-2026-25707
creationtimestamp| type| source ---|---|--- 2026-06-29 11:15:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpgeejxf3d2y 2026-06-29 12:41:59+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgj6gnudt2t 2026-06-29 20:47:44+00:00| seen|...
DEBIAN-CVE-2026-25707
A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation...
SUSE SLED15: libsolv-devel / libsolv-tools / libsolv-tools-base / libzypp / etc (SUSE-SU-2026:2531-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2531-1 advisory. This update for libsolv, libzypp, zypper fixes the following issues - CVE-2026-9149: Heap buffer overflow in...
SUSE CVE-2026-25707
A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation...
CVE-2019-25707
creationtimestamp| type| source ---|---|--- 2026-04-12 04:16:33+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2019-25707 2026-04-12 14:50:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjclxs2ktc2g...
Linux Distros Unpatched Vulnerability : CVE-2020-25707
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-2891 CVE-2020-25707 Note that Nessus relies on the presence...
CVE-2024-25707
There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows and Linux x64 allows a remote authenticated attacker with administrative access to supply a crafted string which could potentially execute arbitrary JavaScript code in the their own browser Self XSS. A...
CVE-2024-25707
There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows and Linux x64 allows a remote authenticated attacker with administrative access to supply a crafted string which could potentially execute arbitrary JavaScript code in the their own browser Self XSS. A...
CVE-2024-25707
CVE-2024-25707 is a reflected cross-site scripting vulnerability in Esri Portal for ArcGIS 11.1 and earlier. The issue allows an authenticated user with administrative privileges to supply a crafted string that could cause arbitrary JavaScript execution in their own browser (Self XSS). The vulner...
CVE-2024-25707 BUG-000160241 - Reflected XSS in Portal for ArcGIS
There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows and Linux x64 allows a remote authenticated attacker with administrative access to supply a crafted string which could potentially execute arbitrary JavaScript code in the their own browser Self XSS. A...
CVE-2024-25707 BUG-000160241 - Reflected XSS in Portal for ArcGIS
There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows and Linux x64 allows a remote authenticated attacker with administrative access to supply a crafted string which could potentially execute arbitrary JavaScript code in the their own browser Self XSS. A...
CVE-2023-25707
creationtimestamp| type| source ---|---|--- 2023-05-23 16:25:17+00:00| seen| https://t.me/cibsecurity/64620...
CVE-2023-25707
Cross-Site Request Forgery CSRF vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin = 1.5.12 versions...
CVE-2023-25707 WordPress VikBooking Hotel Booking Engine & PMS Plugin <= 1.5.12 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin = 1.5.12 versions...
CVE-2023-25707
CVE-2023-25707: Cross-Site Request Forgery in the VikBooking Hotel Booking Engine & PMS WordPress plugin (versions
CVE-2023-25707 WordPress VikBooking Hotel Booking Engine & PMS Plugin <= 1.5.12 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin = 1.5.12 versions...
WordPress VikBooking Hotel Booking Engine & PMS Plugin <= 1.5.12 is vulnerable to Cross Site Request Forgery (CSRF)
Software VikBooking Hotel Booking Engine & PMS Type Plugin Vulnerable versions = 1.5.12 Fixed in 1.6.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25707 Patch priority Low CVSS severity Low 6.3 Developer Claim ownership PSID 425db90a957f...
SUSE: Security Advisory (SUSE-SU-2021:14772-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for qemu (openSUSE-SU-2021:1942-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...