CVE-2026-7278

creationtimestamp| type| source ---|---|--- 2026-04-29 12:50:14+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mkn56yjc7r2m 2026-05-12 16:46:39+00:00| seen| https://vulnerability.circl.lu/bundle/20100033-b137-47a0-b98c-568c18deda5a...

CVE-2025-7278

IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

CVE-2025-7278

IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

CVE-2025-7278 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability

IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

CVE-2025-7278

CVE-2025-7278 affects the IrfanView CADImage Plugin. The vulnerability lies in DXF file parsing where insufficient validation of user-supplied data can cause a memory corruption condition, enabling remote code execution in the plugin’s process. Attacks require user interaction (visiting a malicio...

CVE-2024-7278

creationtimestamp| type| source ---|---|--- 2024-07-31 04:17:36+00:00| seen| https://t.me/cvedetector/2088...

CVE-2024-7278

A vulnerability was found in itsourcecode Alton Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/teamsave.php. The manipulation of the argument team leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...

CVE-2024-7278 itsourcecode Alton Management System team_save.php sql injection

A vulnerability was found in itsourcecode Alton Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/teamsave.php. The manipulation of the argument team leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...

CVE-2020-7278

Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security ENS for Windows prior to 10.7.0 April 2020 and 10.6.1 April 2020 updates allows remote attackers and local users to allow or block unauthorized traffic via pre-existing rules...

CVE-2020-7278

McAfee Endpoint Security (ENS) Firewall for Windows is affected by CVE-2020-7278 due to an access-control rule handling flaw. The issue arises in ENS versions prior to 10.7.0 (Feb 2020/April 2020 updates) and 10.6.1 (April 2020 update), where pre-existing firewall rules are not properly enforced ...

CVE-2019-7278

Optergy Proton/Enterprise devices have an Unauthenticated SMS Sending Service...

CVE-2019-7278

CVE-2019-7278 affects Optergy Proton/Enterprise Building Management System. Root cause: Exposed Dangerous Method or Function (CWE-749) allowing unauthenticated access to a sensitive function. Impact: cryptic in public docs, but CVSSv3 base score is 7.3 (medium-high) with network access, no user i...

CVE-2019-7278

Optergy Proton/Enterprise devices have an Unauthenticated SMS Sending Service...

CVE-2018-7278

An issue was discovered on RLE Protocol Converter FDS-PC / FDS-PC-DP 2.1 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP...

CVE-2018-7278

The CVE-2018-7278 entry affects RLE Protocol Converter FDS-PC / FDS-PC-DP 2.1 devices. The vulnerability is a persistent XSS in the web server, exploitable by remote attackers through the device’s BACnet implementation to inject arbitrary JavaScript. This is described across multiple sources (NVD...

Cambium ePMP 1000 'ping' Command Injection (up to v2.5)

This module exploits an OS Command Injection vulnerability in Cambium ePMP 1000 Authors Karn Ganeshen This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium ePMP 1000 'ping' Command Injection ...

CVE-2017-7278

Technical details about CVE-2017-7278 are not public in the provided documents. No affected products, root cause, or remediation are specified here. Monitor for updates from official advisories.

CVE-2016-7278

CVE-2016-7278 affects Microsoft Internet Explorer 9–11 and is described as an information-disclosure vulnerability by the Windows Hyperlink Object Library, allowing remote attackers to read memory contents via a crafted web site. Affected product: IE (IE9–IE11). Root cause: information disclosure...

SRC-2016-0045 : Microsoft Internet Explorer HyperlinkString Out-Of-Bounds Read Information Disclosure Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to disclose information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2014-7278

CVE-2014-7278 affects ZyXEL SBG-3300 Security Gateway (firmware 1.00(AADY.4)C0 and earlier). The vulnerability allows remote attackers to trigger a Denial of Service by injecting JavaScript in the loginMsg used by the login page’s welcome message form, causing a persistent web-interface outage. T...