97 matches found

OSV
added 2026/02/17 10:12 a.m. | 2 views

RHSA-2026:2707 Red Hat Security Advisory: gimp security update

Bulletin has no description...

CVSS 7.8 | AI score 5.1 | EPSS 0.00032
Exploits: 0 | References: 9

Tenable Nessus
added 2026/02/17 12:00 a.m. | 4 views

AlmaLinux 9 : gimp (ALSA-2026:2707)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:2707 advisory. gimp: heap-based buffer overflow via specially crafted PSP file (CVE-2025-15059). Tenable has extracted the preceding description block directly from the AlmaLinux...

CVSS 7.8 | AI score 5.9 | EPSS 0.00032
Exploits: 0 | References: 3

Tenable Nessus
added 2026/02/16 12:00 a.m. | 4 views

Oracle Linux 9 : gimp (ELSA-2026-2707)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-2707 advisory. 2:3.0.4-1.3 - fix CVE-2025-15059. Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has no...

CVSS 7.8 | AI score 5.6 | EPSS 0.00032
Exploits: 0 | References: 2

RedhatCVE
added 2026/01/09 10:12 a.m. | 9 views

CVE-2019-2707

Vulnerability in the PeopleSoft Enterprise ELM Enterprise Learning Management component of Oracle PeopleSoft Products subcomponent: Application Search. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVSS 6.1 | AI score 6 | EPSS 0.00676
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2014-4263

Malware in sbrugna...

CVSS 5.8 | AI score 7.2 | EPSS 0.00523
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2015-2371

Malware in sbrugna...

CVSS 7.5 | AI score 7.2 | EPSS 0.05767
Exploits: 2 | References: 10

Circl
added 2025/07/10 7:17 a.m. | 0 views

RHSA-2024:2707

creationtimestamp: 2025-07-10 07:17:23+00:00 | type: seen | source: Telegram/KDoN9blH8ytNq-HorKEj6ACjuHop7-gVRWz0hofKlp9bRU...

AI score 4.8
Exploits: 0

RedhatCVE
added 2025/05/23 7:08 a.m. | 5 views

CVE-2024-2707

A vulnerability has been found in Tenda AC10U 15.03.06.49 and classified as critical. This vulnerability affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. The attack can be initiated remotely. The exploit has...

CVSS 8.8 | AI score 9 | EPSS 0.01904
Exploits: 1 | References: 1

RedhatCVE
added 2025/03/26 7:17 p.m. | 7 views

CVE-2025-2707

A vulnerability, which was classified as critical, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected by this issue is some unknown functionality of the file /app-api/infra/file/upload of the component Front-End Store Interface. The manipulation of the argument path leads to path...

CVSS 9.1 | AI score 7 | EPSS 0.0017
Exploits: 1 | References: 1

Circl
added 2025/03/24 10:35 p.m. | 1 view

CVE-2025-2707

creationtimestamp: 2025-03-24 22:35:17+00:00 | type: seen | source: https://t.me/cvedetector/21000...

CVSS 9.1 | AI score 5.4 | EPSS 0.0017
Exploits: 1 | References: 1

Cvelist
added 2025/03/24 7:00 p.m. | 8 views

CVE-2025-2707 zhijiantianya ruoyi-vue-pro Front-End Store Interface upload path traversal

A vulnerability, which was classified as critical, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected by this issue is some unknown functionality of the file /app-api/infra/file/upload of the component Front-End Store Interface. The manipulation of the argument path leads to path...

CVSS 5.5 | EPSS 0.0017
Exploits: 1 | References: 4

CVE
added 2025/03/24 7:00 p.m. | 80 views

CVE-2025-2707

CVE-2025-2707 affects zhijiantianya ruoyi-vue-pro 2.4.1. The root cause is a path traversal vulnerability in the Front-End Store Interface file endpoint /app-api/infra/file/upload, allowing manipulation of the path argument. The issue is exploitable remotely, with public exploit disclosures. Affe...

CVSS 9.1 | AI score 7 | EPSS 0.0017
Exploits: 1 | References: 4 | Affected Software: 1

Tenable Nessus
added 2024/12/23 12:00 a.m. | 18 views

Amazon Linux 2 : xstream (ALAS-2024-2707)

The version of xstream installed on the remote host is prior to 1.3.1-16. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2707 advisory. XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream. XStream provides...

CVSS 7.5 | AI score 6.5 | EPSS 0.00261
Exploits: 0 | References: 4

Cvelist
added 2024/03/20 5:00 p.m. | 17 views

CVE-2024-2707 Tenda AC10U WriteFacMac formWriteFacMac os command injection

A vulnerability has been found in Tenda AC10U 15.03.06.49 and classified as critical. This vulnerability affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. The attack can be initiated remotely. The exploit has...

CVSS 6.5 | AI score 7.1 | EPSS 0.01904
Exploits: 1 | References: 3

CVE
added 2024/03/20 5:00 p.m. | 66 views

CVE-2024-2707

The CVE-2024-2707 entry concerns Tenda AC10U (firmware 15.03.06.49). The root cause is improper sanitization in the mac parameter of the /goform/WriteFacMac endpoint (function formWriteFacMac), enabling remote OS command injection. Impact is high: attackers can execute arbitrary commands on affec...

CVSS 8.8 | AI score 6.9 | EPSS 0.01904
Exploits: 1 | References: 3 | Affected Software: 1

OSSF Malicious Packages
added 2024/01/24 8:23 p.m. | 2 views

Malicious code in wlwz-2312-2707 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 376f82ebcfd2229bb304566e370c71c04251198e0576d254b96b1c2aa9e1f97f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 | References: 1

Circl
added 2023/12/17 8:36 a.m. | 0 views

CVE-2023-2707

creationtimestamp: 2023-12-17 08:36:40+00:00 | type: seen | source: https://t.me/ctinow/155531...

CVSS 4.8 | AI score 4.9 | EPSS 0.00091
Exploits: 1 | References: 1

NVD
added 2023/11/27 5:15 p.m. | 7 views

CVE-2023-2707

The gAppointments WordPress plugin through 1.9.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...

CVSS 4.8 | EPSS 0.00091
Exploits: 1 | References: 1

Vulnrichment
added 2023/11/27 4:22 p.m. | 14 views

CVE-2023-2707 Appointment booking addon for Gravity Forms <= 1.9.5.1 - Admin+ Stored XSS

The gAppointments WordPress plugin through 1.9.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...

AI score 5.6 | EPSS 0.00091
Exploits: 1 | References: 1

Cvelist
added 2023/11/27 4:22 p.m. | 13 views

CVE-2023-2707 Appointment booking addon for Gravity Forms <= 1.9.5.1 - Admin+ Stored XSS

The gAppointments WordPress plugin through 1.9.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...

AI score 5 | EPSS 0.00091
Exploits: 1 | References: 1