15 matches found
EUVD-2025-25286
Malicious code in bioql PyPI...
CVE-2025-49396
Missing Authorization vulnerability in themifyme Themify Builder themify-builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Themify Builder: from n/a through <= 7.6.7...
CVE-2025-49396
CVE-2025-49396 covers a missing/incorrectly authorized access issue in the WordPress plugin Themify Builder up to version 7.6.7. Multiple sources (PT-security PT-2025-33938, CNNVD, CVE records) describe a Broken Access Control / Missing Authorization vulnerability that could be exploited due to ...
PT-2025-33938 · WordPress · Themify Builder
Name of the Vulnerable Software and Affected Versions: Themify Builder versions through 7.6.7 Description: A missing authorization issue exists in Themify Builder, allowing exploitation of incorrectly configured access control security levels. Recommendations: Update Themify Builder to a version...
LibreOffice Unchecked Script Execution Vulnerability (Jul 2024) - Linux
LibreOffice is prone to an unchecked script execution vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
LibreOffice Unchecked Script Execution Vulnerability (Jul 2024) - Mac OS X
LibreOffice is prone to an unchecked script execution vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress Link Library Plugin <= 7.6.6 is vulnerable to Cross Site Scripting (XSS)
Software: Link Library; Type: Plugin; Vulnerable versions: <= 7.6.6; Fixed in: 7.6.7; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-2325; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 6ac3bb374efb; Credits: Krzysztof Zając...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.7 security update on RHEL 8
New Red Hat Single Sign-On 7.6.7 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Atlassian Jira 7.0.0 < 7.6.7 Broken Jql Filter For Webhooks
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.0.x prior to 7.6.7 or 7.7.0 prior to 7.11.0. It is, therefore, affected by a vulnerability which permits remote attackers who are able to observe or otherwise intercept webho...
Roblox: Reflected XSS through multiple inputs in the issue collector on Jira
Note I put this as Medium because that's what the CVE is. This vulnerability is known and it's classified under CVE-2018-5230. Here's a link to the thread on it by Atlassian: https://jira.atlassian.com/browse/JRASERVER-67289 Description --------------------- I noticed when testing that your Jira...
Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution
No description provided by source. $Id: applequicktimemarshaledpunk.rb 11513 2011-01-08 00:25:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...
Apple QuickTime 7.6.7 - _Marshaled_pUnk Code Execution (Metasploit)
$Id: applequicktimemarshaledpunk.rb 11513 2011-01-08 00:25:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Apple QuickTime Remote Code Execution Vulnerability
The host is installed with Apple QuickTime and is prone to remote code execution vulnerability. OpenVAS Vulnerability Test $Id: gbapplequicktimecodeexecvulnwin.nasl 5263 2017-02-10 13:45:51Z teissa $ Apple QuickTime Remote Code Execution Vulnerability Authors: Antu Sanadi Copyright: Copyright c...
QuickTime Player Streaming Debug Error Logging Buffer Overflow Vulnerability
The host is running QuickTime Player and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbapplequicktimeplayerbofvuln.nasl 5263 2017-02-10 13:45:51Z teissa $ QuickTime Player Streaming Debug Error Logging Buffer Overflow Vulnerability Authors: Madhuri D Copyright:...
QuickTime < 7.6.7 QuickTimeStreaming.qtx SMIL File Debug Logging Overflow (Windows)
Versions of QuickTime earlier than 7.6.7 are potentially affected by a stack overflow in the application's error logging when debug logging is enabled. If an attacker can trick a user on the host into viewing a specially crafted movie file, he may be able to cause an application crash or even...