48 matches found
CVE-2026-7508
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-01 02:46:05+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mkr4ehg4il2n... |
CVE-2026-7508
Bootstrap CMS 0.9.0-alpha is affected by a code-injection vulnerability in the Page Creation Handler, specifically via the file resources/views/pages/show.blade.php where manipulating the body argument triggers injection. Remote exploitation is possible and an exploit has been published. The proj...
MAL-2025-7508 Malicious code in @crabas0npm/quod-error-mollitia-impedit (npm)
The package @crabas0npm/quod-error-mollitia-impedit was found to contain malicious code...
CVE-2025-7508 code-projects Modern Bag product-update.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Modern Bag 1.0. Affected by this issue is some unknown functionality of the file /admin/product-update.php. The manipulation of the argument idProduct leads to SQL injection. The attack may be launched remotely. Th...
CVE-2025-7508
The CVE-2025-7508 entry concerns code-projects Modern Bag 1.0, with a SQL injection in /admin/product-update.php arising from unsanitized manipulation of idProduct. A remote attacker could exploit this, and public exploits have been disclosed. Multiple connected sources corroborate the presence o...
Oracle Linux 10 : java-21-openjdk (ELSA-2025-7508)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7508 advisory. 1:21.0.7.0.6-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.7.0.6-1 - Update to jdk-21.0.7+6 GA - Update release notes to 21.0.7+6 - Rebase...
CVE-2020-7508
A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to gain full access by brute force...
CentOS 8 : firefox (CESA-2023:7508)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:7508 advisory. - On some systems, depending on the graphics settings and drivers, it was possible to force an out-of-bounds read and leak memory data into the images...
Malicious code in wlwz-2312-7508 (npm)
Source: ghsa-malware (2976088d1f33a5e64ad952bfc59c15cf57033bf60c6f0c32a454db43aeb06407). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Oracle Linux 8 : firefox (ELSA-2023-7508)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-7508 advisory. 115.5.0-1.0.1 - Update to 115.5.0 build1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file Tenable has extracted the...
RHEL 8 : firefox (RHSA-2023:7508)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7508 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
SUSE: Security Advisory (SUSE-SU-2017:1718-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2017:1642-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2017:1635-1)
The remote host is missing an update for the...
CVE-2020-7508
The CVE-2020-7508 entry concerns Schneider Electric Easergy T300 (firmware 1.5.2 and older). The root cause is CWE-307: Improper Restriction of Excessive Authentication Attempts, enabling an attacker to gain full access via brute force. The connected documentation confirms the affected product an...
CVE-2020-7508
A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to gain full access by brute force...
CVE-2015-7508
Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP file...
CVE-2015-7508
Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP file...
CVE-2015-7508
Libnsbmp 0.1.2 is vulnerable to a heap-based buffer overflow in bmp_decode_rle (libnsbmp.c). The last row of Run-Length Encoded data can overflow libnsbmp’s bitmap buffer, enabling DoS (crash) or possibly arbitrary code execution. The connected sources confirm the issue and cite a public exploit/...
CVE-2015-7508
Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP file...