MiracleLinux 7 : python-2.7.5-34.0.1.el7.AXS7 (AXSA:2015-803:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-803:01 advisory. IPy is a Python module for handling IPv4 and IPv6 Addresses and Networks in a fashion similar to perl's Net::IP and friends. The IP class allows a...

MiracleLinux 4 : python-2.6.6-64.0.1.AXS4 (AXSA:2015-418:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-418:02 advisory. Coherence is a framework written in Python enabling applications to participate in digital living networks, such as the UPnP universe. Security issue...

CVE-2019-7185

This cross-site scripting XSS vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Music Station to their latest versions...

CVE-2025-7185

A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...

CVE-2025-7185

The CVE-2025-7185 vulnerability affects code-projects Library System 1.0, specifically the /approve.php file where manipulating the ID parameter induces an SQL injection. Exploitation is remote and publicly disclosed, with multiple sources confirming a SQL injection path and potential impact on c...

Linux Distros Unpatched Vulnerability : CVE-2014-7185

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large siz...

Linux Distros Unpatched Vulnerability : CVE-2018-7185

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service disruption by continually sending a packet with a...

CVE-2024-7185

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182B20201102 and classified as critical. Affected by this issue is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument webWlanIdx leads to buffer overflow. The attack may be launched remotely. The...

CVE-2024-7185

creationtimestamp| type| source ---|---|--- 2024-07-29 08:45:47+00:00| seen| https://t.me/cvedetector/1806...

RHEL 6 : ntp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ntp: Using port 123 for modes where a fixed port number is not required facilitates off-path attacks...

RHEL 8 : ntp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ntp: decodearr can write beyond its buffer limit CVE-2018-7183 - ntpd in ntp 4.2.x before 4.2.8p7 and 4.3...

RHEL 7 : ntp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ntp: Using port 123 for modes where a fixed port number is not required facilitates off-path attacks...

CVE-2023-7185

creationtimestamp| type| source ---|---|--- 2023-12-31 13:26:37+00:00| seen| https://t.me/ctinow/161078 2024-01-01 01:31:59+00:00| seen| https://t.me/cibsecurity/74067 2024-01-22 08:06:49+00:00| seen| https://t.me/ctinow/171019...

CVE-2023-7185 7-card Fakabao wxpay_notify.php sql injection

A vulnerability was found in 7-card Fakabao up to 1.0build20230805. It has been classified as critical. This affects an unknown part of the file shop/wxpaynotify.php. The manipulation of the argument outtradeno leads to sql injection. The exploit has been disclosed to the public and may be used...

CVE-2023-7185

CVE-2023-7185 affects 7-card Fakabao up to version 1.0_build20230805. A SQL injection vulnerability exists in the file shop/wxpay_notify.php, triggered by manipulating the argument out_trade_no. The vulnerability’s root cause is tied to an unknown function in that file. It is classified as critic...

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in NTP

Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in NTP. Vulnerability Details CVEID: CVE-2018-7185 DESCRIPTION: NTP is vulnerable to a denial of service. By sending specially crafted packets, a remote authenticated attacker could exploit this...

F5 Networks BIG-IP : NTP vulnerability (K04912972)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K04912972 advisory. The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service disruption by...

K04912972: NTP vulnerability CVE-2018-7185

Security Advisory Description The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service disruption by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim...

K78825687: Python and Jython vulnerability CVE-2014-7185

Security Advisory Description Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function. CVE-2014-7185 Impact An attacker that is able to control arguments in...

SUSE CVE-2018-7185

The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service disruption by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association...