CVE-2026-7021

A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The...

CVE-2026-7021

SmythOS SRE up to 0.0.15 is affected by CVE-2026-7021 in the Connector Service, specifically via the file packages/sdk/src/LLM/utils.ts. The vulnerability arises from manipulating the baseURL argument, leading to information disclosure. The issue is exploitable remotely and publicly available too...

CVE-2024-7021

creationtimestamp| type| source ---|---|--- 2025-11-14 05:10:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5kw4jlx3b2q...

CVE-2024-7021

Inappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-7021 OpenAI Operator - API Spoofing through Locking Operator on FullScreen

Fullscreen API Spoofing and UI Redressing in the handling of Fullscreen API and UI rendering in OpenAI Operator SaaS on Web allows a remote attacker to capture sensitive user input e.g., login credentials, email addresses via displaying a deceptive fullscreen interface with overlaid fake browser...

CVE-2025-7021

CVE-2025-7021 affects OpenAI Operator SaaS on Web via the Fullscreen API handling and UI rendering, enabling a remote attacker to capture sensitive user input by presenting a deceptive fullscreen interface with overlaid fake controls and distracting elements (e.g., cookie prompts). The connected ...

Ubuntu: Security Advisory (USN-7021-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7021-3)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7021-3 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Ubuntu: Security Advisory (USN-7021-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7021-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-7021

creationtimestamp| type| source ---|---|--- 2024-01-28 01:48:16+00:00| seen| https://t.me/arpsyndicate/3153...

CVE-2023-7021

creationtimestamp| type| source ---|---|--- 2023-12-21 02:22:31+00:00| seen| https://t.me/ctinow/157464 2023-12-28 01:16:25+00:00| seen| https://t.me/ctinow/159867 2024-01-13 16:56:29+00:00| seen| https://t.me/ctinow/167873...

CVE-2023-7021 Tongda OA 2017 delete_search.php sql injection

A vulnerability was found in Tongda OA 2017 up to 11.9. It has been classified as critical. Affected is an unknown function of the file general/vehicle/checkup/deletesearch.php. The manipulation of the argument VUID leads to sql injection. It is possible to launch the attack remotely. The exploit...

CVE-2023-7021

CVE-2023-7021 affects Tongda OA 2017 up to v11.9. Affected is an unknown function in the file general/vehicle/checkup/delete_search.php where manipulating the VU_ID parameter leads to a SQL injection. The vulnerability can be exploited remotely and the exploit has been disclosed publicly. Upgradi...

RHEL 8 : thunderbird (RHSA-2022:7021)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:7021 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Security Fixes: expat: a...

Security Bulletin: Multiple security vulnerabilities have been identified in Elasticsearch shipped with IBM Tivoli Netcool Impact

Summary Elasticsearch is shipped with IBM Tivoli Netcool Impact, Information about multiple security vulnerabilities affecting elasticsearch has been published in a security bulletin. Vulnerability Details CVEID: CVE-2020-7020 DESCRIPTION: Elastic Enterprise Search could allow a remote...

CVE-2020-7021 affecting package rubygem-elasticsearch 7.6.0-1

CVE-2020-7021 affecting package rubygem-elasticsearch 7.6.0-1. An upgraded version of the package is available that resolves this issue...

com.amazon.opendistroforelasticsearch:opendistro_security (>=1.0.0.0 <=1.0.0.2), com.amazon.opendistroforelasticsearch:opendistro_security_advanced_modules (>=1.0.0.0 <=1.0.0.2) +37 more potentially affected by CVE-2020-7021 via org.elasticsearch:elasticsearch (>=7.0.0 <=7.0.1)

org.elasticsearch:elasticsearch MAVEN version =7.0.0, =1.0.0.0, =1.0.0.0, =1.31.2, =0.1.3, =7.0.0-35.0.0-beta1, =7.0.0-35.0.0-beta1, =0.1, =4.2, =4.2, =4.2, =1.1, =1.3 and more Source cves: CVE-2020-7021 Source advisory: OSV:GHSA-CQGV-256R-M9R8...

Security Bulletin: Multiple vulnerabilities may affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) offline documentation

Summary IBM Business Process Manager and IBM Business Automation Workflow offline documentation packages open source libraries with known vulnerabilities. Do not install offline documentation and remove existing installations with the fix provided below. Vulnerability Details CVEID: CVE-2021-2335...

Security Bulletin: IBM Cloud Private is vulnerable to Elastic vulnerabilities (CVE-2020-7021 )

Summary IBM Cloud Private is vulnerable to Elastic vulnerabilities Vulnerability Details CVEID: CVE-2020-7021 DESCRIPTION: Elasticsearch could allow a local authenticated attacker to obtain sensitive information, caused by an error when audit logging and the emitrequestbody option is enabled. By...