Oracle Business Intelligence Publisher - XML External Entity Injection

Oracle Business Intelligence Publisher is vulnerable to an XML external entity injection attack. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows unauthenticated attackers with network access via HTTP to compromise BI Publishe...

CVE-2026-2767

creationtimestamp| type| source ---|---|--- 2026-02-25 00:02:13+00:00| seen| https://bsky.app/profile/slackers.it/post/3mfnevolwlj2h 2026-02-28 02:01:50+00:00| seen| https://bsky.app/profile/slackers.it/post/3mfv4ycvd6i2f...

CVE-2026-2767

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript: WebAssembly component...

CVE-2026-2767

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

UBUNTU-CVE-2026-2767

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2767

CVE-2026-2767 is a use-after-free vulnerability in the JavaScript: WebAssembly component of Firefox/Thunderbird. Affected products include Firefox (Desktop) and Thunderbird with the WebAssembly implementation; the issue is addressed by fixes in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and...

MiracleLinux 8 : java-11-openjdk-11.0.7.10-1.el8 (AXSA:2020-214:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-214:06 advisory. OpenJDK: Incorrect bounds checks in NIO Buffers Libraries, 8234841 CVE-2020-2803 OpenJDK: Incorrect type checks in MethodType.readObject Libraries,...

CVE-2019-2767

Vulnerability in the BI Publisher formerly XML Publisher component of Oracle Fusion Middleware subcomponent: BI Publisher Security. The supported version that is affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

CVE-2024-2767

A vulnerability was found in Campcodes Complete Online Beauty Parlor Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be initiated...

CVE-2022-2767

A vulnerability classified as problematic has been found in SourceCodester Online Admission System. This affects an unknown part of the file /index.php. The manipulation of the argument studentadd leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

CVE-2004-2767

NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service connection slot exhaustion by establishing many FTP sessions that persist for the lifetime of a DS session...

CVE-2025-2767

Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability. The specific flaw exist...

CVE-2025-2767 Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability

Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability. The specific flaw exist...

CVE-2025-2767

CVE-2025-2767 affects Arista NG Firewall. The vulnerability is in the processing of the User-Agent HTTP header, due to lack of validation of user-supplied data, enabling injection of arbitrary script and remote code execution with root privileges. It requires minimal user interaction. Documents r...

CVE-2025-2767 Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability

Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability. The specific flaw exist...

CVE-2025-2767

creationtimestamp| type| source ---|---|--- 2025-03-25 04:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-181/ 2025-04-23 17:55:29+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114388561336931929 2025-04-23 19:48:34+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2018-2767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Encryption. Supported versions that are affected are 5.5.60 and prio...

CVE-2024-2767

creationtimestamp| type| source ---|---|--- 2025-02-21 22:10:25+00:00| seen| Telegram/GQFjiS5NSHoLKBL-G8SlVmIrwNiVhHGJLOQRgx-nC0NrnzdP...

RHEL 7 : rh-perl526-mod_perl (RHSA-2018:2825)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2825 advisory. Modperl incorporates a Perl interpreter into the Apache web server, such that the Apache HTTP server can directly execute Perl code. Security Fixes:...

RHEL 5 : mod_perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - modperl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess CVE-2011-2767...