CVE-2026-7301 CVE-2026-7301

SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads on incoming messages, enabling RCE when exposed to the internet...

CVE-2025-7301

IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

CVE-2025-7301 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability

IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

CVE-2025-7301

creationtimestamp| type| source ---|---|--- 2025-07-08 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-548/ 2025-07-22 03:54:23+00:00| seen| MISP/a3c5beab-b790-4171-8b4c-02c8a9678071 2025-09-09 11:53:38+00:00| seen| MISP/a3c5beab-b790-4171-8b4c-02c8a9678071...

Linux Distros Unpatched Vulnerability : CVE-2017-7301

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that has an off-by-one...

CVE-2024-7301

creationtimestamp| type| source ---|---|--- 2024-08-16 07:52:12+00:00| seen| https://t.me/cvedetector/3323...

CVE-2024-7301 WordPress File Upload <= 4.24.8 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload

The WordPress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.24.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

WordPress WordPress File Upload Plugin <= 4.24.8 is vulnerable to Cross Site Scripting (XSS)

Software WordPress File Upload Type Plugin Vulnerable versions = 4.24.8 Fixed in 4.24.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7301 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID a1f4d9ddbee7 Credits wesley wcraft...

Malicious code in wlwz-2312-7301 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83723498e2abd4b0240d5838319878bf60c070665eb9bd18aed632ae53d371f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-828 Malicious code in wlwz-2312-7301 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83723498e2abd4b0240d5838319878bf60c070665eb9bd18aed632ae53d371f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SUSE: Security Advisory (SUSE-SU-2017:3170-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

McAfee Data Loss Prevention ePO extension Multiple Vulnerabilities (SB10326)

The remote host is running a version of McAfee ePolicy Orchestrator that is affected by multiple vulnerabilities, including the following: - Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention DLP ePO extension prior to 11.5.3 allows authenticated attackers to upload...

CVE-2020-7301

CVE-2020-7301 concerns the McAfee Data Loss Prevention (DLP) ePO extension prior to version 11.5.3. The vulnerability is a Cross Site Scripting (XSS) flaw within the DLP case management file-upload tab, exploited by authenticated users to trigger alerts. The provided documents confirm the affecte...

Zen Load Balancer 3.10.1 - Remote Code Execution Exploit

Exploit for cgi platform in category web applications Exploit Title: Zen Load Balancer 3.10.1 - Remote Code Execution Google Dork: no Exploit Author: Cody Sixteen Vendor Homepage: https://code610.blogspot.com Software Link:...

Zen Load Balancer 3.10.1 - Remote Code Execution

Zen Load Balancer 3.10.1 - Remote Code Execution Exploit Title: Zen Load Balancer 3.10.1 - Remote Code Execution Google Dork: no Date: 2020-03-28 Exploit Author: Cody Sixteen Vendor Homepage: https://code610.blogspot.com Software Link:...

Zen Load Balancer 3.10.1 - Remote Code Execution

Exploit Title: Zen Load Balancer 3.10.1 - Remote Code Execution Google Dork: no Date: 2020-03-28 Exploit Author: Cody Sixteen Vendor Homepage: https://code610.blogspot.com Software Link: https://sourceforge.net/projects/zenloadbalancer/files/Distro/zenloadbalancer-distro3.10.1.iso/download Versio...

CVE-2014-7301

creationtimestamp| type| source ---|---|--- 2020-01-27 21:38:04+00:00| seen| https://t.me/cveNotify/468...

CVE-2014-7301

SGI Tempo (SGI ICE-X) is affected by CVE-2014-7301 due to insecurely set permissions on /etc/odapw, allowing local users to read the file and access password data for the system database (oscar). Root cause is world-readable permissions on the /etc/odapw file, enabling read access to sensitive cr...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1799)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-7301

Zen Load Balancer 3.10.1 allows remote authenticated admin users to execute arbitrary commands as root via shell metacharacters in the index.cgi?action=ViewCert certname parameter...