CVE-2026-7280

creationtimestamp| type| source ---|---|--- 2026-04-28 01:54:00+00:00| seen| https://www.twcert.org.tw/en/cp-139-10885-02d83-2.html...

CVE-2019-7280

Prima Systems FlexAir, Versions 2.3.38 and prior. The session-ID is of an insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session and bypass authentication...

MAL-2025-7280 Malicious code in @crabas0npm/enim-nemo-rem-tempore (npm)

The package @crabas0npm/enim-nemo-rem-tempore was found to contain malicious code...

CVE-2025-7280

creationtimestamp| type| source ---|---|--- 2025-07-08 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-528/ 2025-09-09 20:56:44+00:00| seen| MISP/2bceffac-02c3-4c54-a709-6e253b38ec76...

CVE-2018-7280

The Ninja Forms plugin before 3.2.14 for WordPress has XSS...

CVE-2008-7280

Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket Request System OTRS before 2.2.7 does not properly handle e-mail messages containing malformed UTF-8 characters, which allows remote attackers to cause a denial of service e-mail retrieval outage via a crafted message...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Python vulnerability (USN-7280-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7280-1 advisory. It was discovered that Python incorrectly handled parsing domain names that included square brackets. A remote attacker could...

CVE-2024-7280

creationtimestamp| type| source ---|---|--- 2024-07-31 04:17:34+00:00| seen| https://t.me/cvedetector/2086...

CVE-2024-7280 SourceCodester Lot Reservation Management System view_reserved.php sql injection

A vulnerability was found in SourceCodester Lot Reservation Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/viewreserved.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The...

CVE-2024-7280 SourceCodester Lot Reservation Management System view_reserved.php sql injection

A vulnerability was found in SourceCodester Lot Reservation Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/viewreserved.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The...

RHEL 8 : kernel-rt (RHSA-2022:7280)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7280 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

McAfee VirusScan Enterprise < 8.8 Patch 15 Multiple Vulnerabilities (SB10302)

The version of McAfee VirusScan Enterprise VSE installed on the remote Windows host is prior to 8.8 Patch 15. It is, therefore, affected by multiple vulnerabilites: - Privilege Escalation vulnerability in Microsoft Windows client McTray.exe in McAfee VirusScan Enterprise VSE 8.8 prior to Patch 14...

CVE-2020-7280

Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise VSE prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing...

CVE-2020-7280

Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise VSE prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing...

CVE-2020-7280 Symbolic Link vulnerability during DAT update

Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise VSE prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing...

CVE-2020-7280

CVE-2020-7280 : Privilege escalation in McAfee VirusScan Enterprise (VSE) versions prior to 8.8 Patch 15. The issue arises during daily DAT updates where an attacker can alter the target of symbolic links, enabling local users to delete or create files they normally cannot. Timing-dependent vulne...

CVE-2019-7280

The CVE affects Prima Systems FlexAir up to version 2.3.38. The issue is that the session-ID is of insufficient length, allowing brute-force attempts to obtain a valid session and bypass authentication, potentially enabling remote access. Public references describe multiple CVEs in the same relea...

CVE-2018-7280

CVE-2018-7280 affects the WordPress Ninja Forms plugin prior to 3.2.14 (i.e., versions

CVE-2017-7280

An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0. User input is not properly filtered before being sent to a popen function. This allows for remote code execution by sending a specially crafted user variable...

CVE-2017-7280

Unitrents Enterprise Backup (before 9.0.0) contains a remote code execution vulnerability in api/includes/systems.php where user input is not properly filtered before passing to a popen call. This allows an attacker to craft a payload via user variables, leading to code execution. Products affect...