MiracleLinux 7 : rh-postgresql95-postgresql-9.5.7-2.el7 (AXSA:2017-1726:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1726:01 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll ne...

CVE-2019-7486

Code injection in SonicWall SMA100 allows an authenticated user to execute arbitrary code in viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.4 and earlier...

MINI-7486-766Q-HF62

Bulletin has no description...

WordPress Ebook Store plugin <= 5.8012 - Authenticated (Administrator+) Stored Cross-Site Scripting via Order Details vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via Order Details vulnerability discovered by Bee in WordPress Plugin Ebook Store versions = 5.8012...

Linux Distros Unpatched Vulnerability : CVE-2017-7486

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE...

K000148899: PostgreSQL vulnerabilities CVE-2018-1058, CVE-2018-1053, CVE-2017-7547, CVE-2017-7486, and CVE-2017-7484

Security Advisory Description CVE-2018-1058 A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are...

RHEL 8 : kernel (RHSA-2024:7486)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:7486 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: afunix: Fix garbage collector...

CVE-2024-7486

creationtimestamp| type| source ---|---|--- 2024-08-08 04:41:21+00:00| seen| https://t.me/cvedetector/2743...

CVE-2024-7486 MultiPurpose <= 1.2.0 - Authenticated (Contributor+) PHP Object Injection

The MultiPurpose theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.0 via deserialization of untrusted input through the 'wpedenpostmeta' post meta. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2024-7486

CVE-2024-7486 affects the MultiPurpose WordPress theme (all versions up to 1.2.0) via PHP Object Injection from deserializing untrusted input in wpeden_post_meta. Exploitation requires at least Contributor+ authentication; no POP chain is present in the core, but a POP chain from a compatible plu...

BELL-CVE-2017-7486 CVE-2017-7486 does not affect BellSoft software

Bulletin has no description...

SUSE: Security Advisory (SUSE-SU-2017:1783-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1690-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1441-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-7486

CVE-2020-7486 affects Tricon system TCMs: versions 10.0.0 through 10.4.x in Tricon v10.0–v10.4.x are vulnerable to an uncontrolled resource consumption that can cause TCMs to reset under high network load, yielding a denial-of-service condition on the safety controller. Remediation is available i...

Huawei EulerOS: Security Advisory for posrgresql (EulerOS-SA-2017-1216)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-7486

Open-Xchange AppSuite contains a Cross-Site Scripting (XSS) vulnerability in the backend that allows remote attackers to inject script or HTML via the body of an email. Affected versions for this CVE-2013-7486 are Open-Xchange AppSuite 7.2.x prior to 7.2.2-rev27 and 7.4.x prior to 7.4.0-rev20. Th...

CVE-2013-7486

Cross-site scripting XSS vulnerability in the backend in Open-Xchange OX AppSuite 7.2.x before 7.2.2-rev27 and 7.4.x before 7.4.0-rev20 allows remote attackers to inject arbitrary web script or HTML via the body of an email. NOTE: this vulnerability was SPLIT from CVE-2013-6242 because it affects...

CVE-2019-7486

CVE-2019-7486 describes a code injection vulnerability in SonicWall SMA100 where an authenticated user can execute arbitrary code via the viewcacert CGI script. Affected: SMA100 versions 9.0.0.4 and earlier. The issue enables remote or local? The provided documents specify that exploitation requi...

SonicWall SMA100 Authenticated Code injection

Code injection in SonicWall SMA100 allows an authenticated user to execute arbitrary code in viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.4 and earlier. CVE: CVE-2019-7486 Last updated: March 6, 2020, 5:42 a.m...