45 matches found
RHCOS 4 : OpenShift Container Platform 4.7.7 (RHSA-2021:1150)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1150 advisory. - containers/storage: DoS via malicious image CVE-2021-20291 Note that Nessus has not tested for this issue but has instead relied only on th...
EUVD-2018-8530
Malware in sbrugna...
EUVD-2024-28427
Malicious code in bioql PyPI...
CVE-2024-35451
CVE-2024-35451 affects LinkStack versions 2.7.9–4.7.7. A server-side request forgery vulnerability exists in resources/views/components/favicon.blade.php, enabling SSRF via a crafted link. Documented impact includes risk of local network access; no exploit details are provided in the sources. Rem...
RHEL 7 : CloudForms 4.7.7 (RHSA-2019:1833)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1833 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments...
RHSA-2021:1150 Red Hat Security Advisory: OpenShift Container Platform 4.7.7 security update
Bulletin has no description...
RHSA-2019:1833 Red Hat Security Advisory: CloudForms 4.7.7 security, bug fix and enhancement update
Bulletin has no description...
WordPress Molongui Plugin <= 4.7.7 is vulnerable to Insecure Direct Object References (IDOR)
Software: Molongui | Type: Plugin | Vulnerable versions: <= 4.7.7 | Fixed in: 4.7.8 | OWASP Top 10: A1: Broken Access Control | Classification: Insecure Direct Object References (IDOR) | CVE: CVE-2024-30507 | Patch priority: Low | CVSS severity: Low 2.7 | PSID: c7f745bc9de4 | Credits: CatFather | Required...
HandlebarsJS < 4.7.7 Multiple Vulnerabilities
According to its self-reported version number, HandlebarsJS on the remote server is prior to version 4.7.7. Therefore, it may be affected by multiple vulnerabilities. - A Prototype Pollution Vulnerability when selecting certain compiling options to compile templates originating from untrusted...
CVE-2023-38752
Improper authorization vulnerability in Special Interest Group Network for Analysis and Liaison versions 4.4.0 to 4.7.7 allows authorized API users to view the attribute information of the poster that is set as "non-disclosure" in the system settings...
CVE-2023-3815
A vulnerability, which was classified as problematic, has been found in y_project RuoYi up to 4.7.7. Affected by this issue is the function uploadFilesPath of the component File Upload. The manipulation of the argument originalFilenames leads to cross-site scripting. The attack may be launched...
CVE-2023-3815
CVE-2023-3815 affects y_project RuoYi (up to 4.7.7). The vulnerability is in the File Upload component, specifically the function uploadFilesPath where manipulation of the originalFilenames argument leads to cross-site scripting. The issue can be exploited remotely and does not require authentica...
WordPress Ninja Popups Plugin <= 4.7.7 is vulnerable to Open Redirection
Software: Ninja Popups | Type: Plugin | Vulnerable versions: <= 4.7.7 | Fixed in: 4.7.8 | OWASP Top 10: A1: Injection | Classification: Open Redirection | CVE: CVE-2022-27861 | Patch priority: Low | CVSS severity: Low 4.7 | PSID: 5f5341c2db31 | Credits: Dave Jong Patchstack | Required privilege...
CVE-2023-3163
A vulnerability was found in y_project RuoYi up to 4.7.7. It has been classified as problematic. Affected is the function filterKeyword. The manipulation of the argument value leads to resource consumption. VDB-231090 is the identifier assigned to this vulnerability...
CVE-2023-3163 y_project RuoYi filterKeyword resource consumption
A vulnerability was found in y_project RuoYi up to 4.7.7. It has been classified as problematic. Affected is the function filterKeyword. The manipulation of the argument value leads to resource consumption. VDB-231090 is the identifier assigned to this vulnerability...
phpMyAdmin 4.7.7 < 4.9.2 SQL Injection
The version of phpMyAdmin installed on the remote host does not sanitize the database name parameter inside the Designer feature, leading to exposure to a SQL injection vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's...
GHSA-F9HX-5JQ4-FGJM phpMyAdmin CSRF Vulnerability
phpMyAdmin versions 4.7.x prior to 4.7.6.1/4.7.7 are vulnerable to a CSRF weakness. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc...
Prototype Pollution in handlebars
The package handlebars before 4.7.7 is vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source...
GHSA-765H-QJXV-5F44 Prototype Pollution in handlebars
The package handlebars before 4.7.7 is vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source...