27 matches found
CVE-2026-7503
| creationtimestamp | type | source |
|---|---|---|
| 2026-04-30 23:36:58+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mkqrses3op2v... |
CVE-2026-7503
A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. The impacted element is the function setWiFiMultipleConfig in the library /lib/cstemodules/wireless.so of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument wepkey2 results in buffer overflow. The attack can be...
CVE-2020-7503
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to execute malicious commands on behalf of a legitimate user when xsrf-token data is intercepted...
CVE-2025-7503
| creationtimestamp | type | source |
|---|---|---|
| 2025-07-15 17:42:10+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3ltzh7v7v2f24 |
| 2025-07-21 00:52:15+00:00 | seen | https://bsky.app/profile/nelnia.bsky.social/post/3lugrljszkk2x... |
Ubuntu 24.04 LTS / 24.10 / 25.04 : h11 vulnerability (USN-7503-1)
The remote Ubuntu 24.04 LTS / 24.10 / 25.04 host has a package installed that is affected by a vulnerability as referenced in the USN-7503-1 advisory. Jeppe Bonde Weikop discovered that h11 incorrectly handled crafted HTTP requests. A remote attacker could possibly use this issue to smuggle...
RHEL 9 : cups-filters (RHSA-2024:7503)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:7503 advisory. The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System (CUPS)...
WordPress WooCommerce Social Login Plugin <= 2.7.5 is vulnerable to Broken Authentication
Software: WooCommerce Social Login; Type: Plugin; Vulnerable versions: <= 2.7.5; Fixed in: 2.7.6; OWASP Top 10: A4: Insecure Design; Classification: Broken Authentication; CVE: CVE-2024-7503; Patch priority: High; CVSS severity: High (10); PSID: 23315c373121; Credits: Truoc Phan; Required...
CVE-2024-7503 WooCommerce - Social Login <= 2.7.5 - Authentication Bypass to Account Takeover
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.5. This is due to the use of loose comparison of the activation code in the 'wooslgconfirmemailuser' function. This makes it possible for unauthenticated attackers to l...
Malicious code in wlwz-2312-7503 (npm)
Source: ghsa-malware 816579f52584a727d9c6d63dee7b44f18b70ac77f042c6804c4c72e41b56d163 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
RHEL 8 : thunderbird (RHSA-2023:7503)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7503 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.5.0. Security Fixes: Mozilla:...
Mageia: Security Advisory (MGASA-2016-0196)
The remote host is missing an update for the...
CVE-2020-7503
CVE-2020-7503 affects Schneider Electric Easergy T300 (Firmware 1.5.2 and earlier). The vulnerability is a CWE-352 CSRF issue that could allow an attacker to execute malicious commands on behalf of a legitimate user when xsrf-token data is intercepted. The connected documents confirm the vulnerab...
Important: Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update
This is a security update for JBoss EAP Continuous Delivery 14.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Advantech WebAccess NMS DownloadAction Directory Traversal (CVE-2018-7503)
A directory traversal vulnerability exists in Advantech WebAccess NMS. The vulnerability is due to insufficient input validation on file paths in the DownloadAction servlet...
CVE-2018-7503
CVE-2018-7503 is a path traversal vulnerability affecting Advantech WebAccess family prior to 8.3.1, including WebAccess, WebAccess Dashboard, WebAccess Scada Node, and WebAccess/NMS. The root cause is improper validation in the DownloadAction/servlet pathway, allowing an attacker to disclose sen...
CVE-2015-7503
CVE-2015-7503 affects Zend Framework and Zend Crypt RSA public-key encryption. Zend Framework 2.x before 2.4.9 and 2.5.x before 2.5.2 used OPENSSL_PKCS1_PADDING (PKCS#1 v1.5) in Zend\Crypt\PublicKey\Rsa::encrypt(), enabling a Bleichenbacher-style attack to recover the RSA private key. Exploitatio...
UBUNTU-CVE-2017-7492
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-7503. Reason: This candidate is a reservation duplicate of CVE-2017-7503. Notes: All CVE users should reference CVE-2017-7503 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2017-7492
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-7503. Reason: This candidate is a reservation duplicate of CVE-2017-7503. Notes: All CVE users should reference CVE-2017-7503 instead of this candidate. All references and descriptions in this candidate have been removed to...
PT-2023-10646 · Canonical · Resteasy
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-7503. Reason: This candidate is a reservation duplicate of CVE-2017-7503. Notes: All CVE users should reference CVE-2017-7503 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...