Linux Distros Unpatched Vulnerability : CVE-2026-7474

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client host through a path traversal attack. This vulnerability...

CVE-2026-7474

creationtimestamp| type| source ---|---|--- 2026-05-12 23:35:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mloxd4bwoj2q 2026-05-12 23:45:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mloxuz6wa42e...

ANT-2026-CN7KX43N · nomad · path-traversal

path-traversal critical CVE-2026-7474 Severity Claude critical · Security research firm critical · Maintainer - Discovered by Claude Mythos Preview REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Doyensec. ANT-2026-CN7KX43N: nomad: path-traversal at...

CVE-2020-7474

A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProSoft Configurator v1.002 and prior, for the PMEPXM0100 H module, which could cause the execution of untrusted code when using double click to open a project file which may trigger execution of a malicious DLL...

CVE-2019-7474

A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2,...

CGA-7474-5659-XMQX

Bulletin has no description...

CVE-2025-7474

creationtimestamp| type| source ---|---|--- 2025-09-09 20:51:39+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...

CGA-VMMJ-7474-2MWF

Bulletin has no description...

CVE-2025-7474

A vulnerability was found in code-projects Job Diary 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit has been disclose...

CVE-2025-7474 code-projects Job Diary search.php sql injection

A vulnerability was found in code-projects Job Diary 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit has been disclose...

CVE-2013-7474

Windu CMS 2.2 allows XSS via the name parameter to admin/content/edit or admin/content/add, or the username parameter to admin/users...

Ubuntu: Security Advisory (USN-7474-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-7474

In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference IDOR vulnerability exists. A user can view or delete external users by manipulating the 'id' parameter in the request URL. The application does not perform adequate checks on the 'id' parameter, allowing unauthorized access...

CVE-2024-7474

creationtimestamp| type| source ---|---|--- 2024-10-29 14:46:41+00:00| seen| https://t.me/cvedetector/9317...

CVE-2024-7474 IDOR in lunary-ai/lunary

In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference IDOR vulnerability exists. A user can view or delete external users by manipulating the 'id' parameter in the request URL. The application does not perform adequate checks on the 'id' parameter, allowing unauthorized access...

CVE-2024-7474 IDOR in lunary-ai/lunary

In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference IDOR vulnerability exists. A user can view or delete external users by manipulating the 'id' parameter in the request URL. The application does not perform adequate checks on the 'id' parameter, allowing unauthorized access...

CVE-2020-7474

ProSoft Configurator (v1.002 and earlier) is affected by CWE-427 Uncontrolled Search Path Element in the PMEPXM0100(H) module. The vulnerability could enable execution of untrusted code when a user double-clicks to open a project file, potentially triggering a malicious DLL. CVSS details in the s...

CVE-2013-7474

Windu CMS 2.2 is affected by a Cross-Site Scripting (XSS) vulnerability. The flaw allows injection via the name parameter in admin/content/edit or admin/content/add, or via the username parameter in admin/users. The NVD records show a CVSS base score of 4.3 (CS: Partial integrity impact, Network ...

CVE-2019-7474

CVE-2019-7474 is a SonicWall SonicOS/SonicOSv vulnerability where an authenticated read-only admin can cause the firewall to reach an unstable state by downloading a certificate with a specific extension. Affected are SonicOS Gen 5 up to 5.9.1.10, Gen 6 including 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3....

SonicOS Download Certificate in Admin GUI Could Cause System Instability

A vulnerability in SonicOS allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0,...