CVE-2026-7571

creationtimestamp| type| source ---|---|--- 2026-05-19 13:05:04+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm7hdknyw22r...

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +174 more potentially affected by CVE-2026-7571 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.6.1)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...

CVE-2025-7571

creationtimestamp| type| source ---|---|--- 2026-01-08 20:16:47+00:00| published-proof-of-concept| Telegram/Cn8vIJLaV7iMh-CyfjikPOzCxc7p0elltwE2p2hKGqbJ5bI...

MAL-2025-7571 Malicious code in @crabas0npm/tempore-ab-quae (npm)

The package @crabas0npm/tempore-ab-quae was found to contain malicious code...

CVE-2025-7571

A vulnerability classified as critical has been found in UTT HiPER 840G up to 3.1.1-190328. This affects an unknown part of the file /goform/aspApBasicConfigUrcp. The manipulation of the argument Username leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has be...

CVE-2025-7571 UTT HiPER 840G aspApBasicConfigUrcp buffer overflow

A vulnerability classified as critical has been found in UTT HiPER 840G up to 3.1.1-190328. This affects an unknown part of the file /goform/aspApBasicConfigUrcp. The manipulation of the argument Username leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has be...

Ubuntu 14.04 LTS : c3p0 vulnerability (USN-7571-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7571-1 advisory. Aaron Massey discovered that c3p0 could be made to crash when parsing certain input. An attacker able to modify the applications XML configuration file could...

CVE-2020-7571

A CWE-79 Multiple Improper Neutralization of Input During Web Page Generation Cross-site Scripting Reflected vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker to inject arbitrary web script or HTML due to incorrect sanitization of use...

CVE-2020-7571

Schneider Electric EcoStruxure Building Operation WebReports (V1.9–V3.1) is affected by a reflected Cross-site Scripting (CWE-79) due to improper input sanitization during webpage generation. A remote, authenticated user could inject arbitrary web script/HTML that may be executed in other WebRepo...

CVE-2015-7571

Vulnerability CVE-2015-7571 affects Yeager CMS 1.2.1. Unrestricted file upload can lead to remote code execution by uploading an executable file; fixed version is listed as 1.3 in vulnerability references. The available sources describe the issue and indicate upgrade/patch as remediation, but exp...

CVE-2017-7571

public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges...

CVE-2017-7571

The CVE-2017-7571 entry concerns Faveo Open Source (ticketing system) version 1.9.3, where a CSRF in public/rolechangeadmin enables privilege escalation to administrator. The vulnerability is described as CSRF leading to admin rights, with public/rolechangeadmin being the affected component and F...

Drupal Multiple Vulnerabilities (SA-CORE-2016-004) - Linux

Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...

CVE-2016-7571

Cross-site scripting XSS vulnerability in Drupal 8.x before 8.1.10 allows remote attackers to inject arbitrary web script or HTML via vectors involving an HTTP exception...

CVE-2016-7571

Cross-site scripting XSS vulnerability in Drupal 8.x before 8.1.10 allows remote attackers to inject arbitrary web script or HTML via vectors involving an HTTP exception...

CVE-2016-7571

Cross-site scripting XSS vulnerability in Drupal 8.x before 8.1.10 allows remote attackers to inject arbitrary web script or HTML via vectors involving an HTTP exception...

CVE-2016-7571

CVE-2016-7571 is a Drupal XSS vulnerability affecting Drupal 8.x before 8.1.10. The issue allows remote attackers to inject arbitrary script or HTML via vectors related to handling HTTP exception messages. Documents corroborate the vulnerability under multiple sources (NVD entry, GHSA advisory, N...

Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2016-004

Users without "Administer comments" can set comment visibility on nodes they can edit. Less critical Users who have rights to edit a node, can set the visibility on comments for that node. This should be restricted to those who have the administer comments permission. Cross-site Scripting in http...

CVE-2014-7571

The CVE-2014-7571 entry concerns the Android app The Grey’s Anatomy Fan (nl.jborsje.android.tvfan.greysanatomy) version 3.7.2, which does not verify X.509 certificates when connecting to SSL servers. This allows a man-in-the-middle attacker to spoof servers and obtain sensitive information via a ...

SuSE 11.2 Security Update : dhcp (SAT Patch Number 7571)

The ISC DHCP server had a denial of service issue in handling specific DDNS requests which could cause a out of memory usage situation. CVE-2013-2266 This update also adds a dhcp6-server service template for SuSEfirewall2. bnc783002 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...