82 matches found
MAL-2025-7205 Malicious code in @crabas0npm/commodi-ut-quisquam (npm)
The package @crabas0npm/commodi-ut-quisquam was found to contain malicious code...
CVE-2025-7205 GiveWP – Donation Plugin and Fundraising Platform <= 4.5.0 - Authenticated (GiveWP worker+) Stored Cross-Site Scripting
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the donor notes parameter in all versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 4.5.0 - Authenticated (GiveWP worker+) Stored Cross-Site Scripting vulnerability
Authenticated (GiveWP worker+) Stored Cross-Site Scripting vulnerability discovered by Brian Sans-Souci liardom in WordPress Plugin GiveWP versions <= 4.5.0...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Django vulnerability (USN-7205-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by a vulnerability as referenced in the USN-7205-1 advisory. It was discovered that Django incorrectly handled certain IPv6 strings. An attacker could possibly use this issue to cause a denia...
CVE-2024-7205
creationtimestamp | type | source
---|---|---
2024-07-31 09:18:36+00:00 | seen | https://t.me/cvedetector/2107
2024-07-31 11:45:25+00:00 | published-proof-of-concept | https://t.me/HackingInsights/8115
2025-08-15 09:04:21+00:00 | seen | https://bsky.app/profile/0xor0ne.bsky.social/post/3lwgiqf4wjs26...
CVE-2024-7205
CVE-2024-7205 affects eWeLink Cloud Service, specifically the homepage module prior to version 2.19.0. When a device is shared, a secondary user can take over control as the primary user because unnecessary device-sensitive information is disclosed. The CVSS data in the initial document indicates high im...
Malicious code in wlwz-2312-7205 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea73b639a1b340ad8d08bcc6f153574202cdb00fb27a20a15e92c027ac3fb064 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-823 Malicious code in wlwz-2312-7205 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea73b639a1b340ad8d08bcc6f153574202cdb00fb27a20a15e92c027ac3fb064 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Oracle Linux 8 : nodejs:20 (ELSA-2023-7205)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7205 advisory. - Fixes CVE-2023-44487 nghttp Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...
SUSE CVE-2015-7205
Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP...
Mageia: Security Advisory (MGASA-2014-0010)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2015:2336-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2015:2334-1)
The remote host is missing an update for the...
CVE-2020-7205
creationtimestamp | type | source
---|---|---
2020-07-30 18:52:41+00:00 | seen | https://t.me/cKure/1586...
CVE-2020-7205
CVE-2020-7205 affects HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting Toolkit. The root cause is insmod usage in GRUB2, enabling local code execution during the boot process. The issue is mitigated by HPE GRUB2 patches included in updated boot images (Intelligent Provis...
Liferay Portal JSON Web Service RCE Vulnerabilities (CST-7111, CST-7205)
Liferay Portal is prone to multiple remote code execution (RCE) vulnerabilities in the JSON web service...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Buffer Overflow
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird...
Improper Access Control
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird...
Debian: Security Advisory (DLA-1615-1)
The remote host is missing an update for the Debian...