23 matches found
ROOT-OS-UBUNTU-2404-CVE-2025-37787 CVE-2025-37787 in rootio-linux - Patched by Root
Root has patched CVE-2025-37787 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
EUVD-2025-37787
The KiotViet Sync plugin for WordPress is vulnerable to authorizarion bypass in all versions up to, and including, 1.8.5. This is due to the plugin using a hardcoded password for authentication in the QueryControllerAdmin::authenticated function. This makes it possible for unauthenticated attacke...
CVE-2025-37787 affecting package kernel for versions less than 6.6.92.2-1
CVE-2025-37787 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...
BELL-CVE-2025-37787
Bulletin has no description...
CVE-2025-37787
creationtimestamp| type| source ---|---|--- 2025-05-02 07:16:26+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14456...
SUSE CVE-2025-37787
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered Russell King reports that a system with mv88e6xxx dereferences a NULL pointer when unbinding this driver:...
CVE-2025-37787
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered Russell King reports that a system with mv88e6xxx dereferences a NULL pointer when unbinding this driver:...
CVE-2025-37787
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered Russell King reports that a system with mv88e6xxx dereferences a NULL pointer when unbinding this driver:...
CVE-2025-37787 net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered Russell King reports that a system with mv88e6xxx dereferences a NULL pointer when unbinding this driver:...
CVE-2025-37787 net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered Russell King reports that a system with mv88e6xxx dereferences a NULL pointer when unbinding this driver:...
CVE-2025-37787
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered Russell King reports that a system with mv88e6xxx dereferences a NULL pointer when unbinding this driver:...
CVE-2021-37787
The unprivileged administrative interface in ABO.CMS version 5.8 through v.5.9.3 is affected by a SQL Injection vulnerability via a HTTP POST request to the TinyMCE module...
CVE-2021-37787
The unprivileged administrative interface in ABO.CMS version 5.8 through v.5.9.3 is affected by a SQL Injection vulnerability via a HTTP POST request to the TinyMCE module...
CVE-2021-37787
The unprivileged administrative interface in ABO.CMS version 5.8 through v.5.9.3 is affected by a SQL Injection vulnerability via a HTTP POST request to the TinyMCE module...
CVE-2021-37787
CVE-2021-37787 affects ABO.CMS versions 5.8–5.9.3, due to a SQL Injection vulnerability exploitable via an HTTP POST to the TinyMCE module. The connected documents confirm the affected component (ABO.CMS, TinyMCE integration) and the vulnerability class (SQL injection) but do not provide details ...
CVE-2021-37787
creationtimestamp| type| source ---|---|--- 2025-03-08 04:00:07+00:00| published-proof-of-concept| Telegram/WK-d7rHew0RoUjunO6vRsF762k6XwiwPjLRMSoANXZ7zahs 2025-03-11 17:39:43+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7183 2025-03-20 21:02:03+00:00| seen|...
CVE-2023-37787
Multiple cross-site scripting XSS vulnerabilities in Geeklog v2.2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of /admin/router.php...
CVE-2023-37787
Multiple cross-site scripting XSS vulnerabilities in Geeklog v2.2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of /admin/router.php...
CVE-2023-37787
Multiple cross-site scripting XSS vulnerabilities in Geeklog v2.2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of /admin/router.php...
CVE-2023-37787
Geeklog v2.2.2 is affected by multiple cross-site scripting (XSS) vulnerabilities that allow an attacker to run arbitrary web scripts or HTML by injecting a crafted payload into the Rule and Route parameters of /admin/router.php. Root cause: improper validation of user-supplied input in router.ph...