70 matches found
MINI-96GX-93HR-7574
Bulletin has no description...
MiracleLinux 8 : SDL-1.2.15-38.el8 (AXSA:2021-1321:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1321:01 advisory. SDL: buffer over-read in IMAADPCMnibble in audio/SDLwave.c CVE-2019-7572 SDL: heap-based buffer overflow in MSADPCMdecode in audio/SDLwave.c...
CVE-2020-7574
A vulnerability has been identified in Climatix POL908 BACnet/IP module All versions, Climatix POL909 AWM module All versions V11.32. A persistent cross-site scripting XSS vulnerability exists in the "Server Config" web interface of the affected devices that could allow an attacker to inject...
CVE-2025-7574
creationtimestamp| type| source ---|---|--- 2025-09-09 20:51:38+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...
MAL-2025-7574 Malicious code in @crabas0npm/tempore-optio-dolor (npm)
The package @crabas0npm/tempore-optio-dolor was found to contain malicious code...
CVE-2025-7574 LB-LINK BL-WR9000 Web Interface lighttpd.cgi restore improper authentication
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. Affected is the function reboot/restore of the file /cgi-bin/lighttpd.cgi of the component Web Interface. The manipulation leads to...
CVE-2025-7574
The CVE-2025-7574 affects LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000, up to version 20250702. The Web Interface’s /cgi-bin/lighttpd.cgi reboot/restore function is susceptible to improper authentication, enabling remote exploitation. Public disclosures exist; ...
CVE-2025-7574 LB-LINK BL-WR9000 Web Interface lighttpd.cgi restore improper authentication
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. Affected is the function reboot/restore of the file /cgi-bin/lighttpd.cgi of the component Web Interface. The manipulation leads to...
Linux Distros Unpatched Vulnerability : CVE-2019-7574
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMAADPCMdecode in audio/SDLwave.c. CVE-2019-7574 Note tha...
WordPress Christmasify! Plugin <= 1.5.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software Christmasify! Type Plugin Vulnerable versions = 1.5.5 Fixed in 1.5.6 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-7574 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 1de3d7f2fe0e Credits vgo0 Required privileg...
RHEL 6 : sdl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - SDL: heap-based buffer over-read in Map1toN in video/SDLpixels.c CVE-2019-7638 - SDL Simple DirectMedia...
RHEL 5 : sdl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - SDL: heap-based buffer over-read in Map1toN in video/SDLpixels.c CVE-2019-7638 - SDL Simple DirectMedia...
RHEL 6 : sdl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - SDL: heap-based buffer over-read in Map1toN in video/SDLpixels.c CVE-2019-7638 - SDL Simple DirectMedia...
RHEL 8 : thunderbird (RHSA-2023:7574)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7574 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.5.0. Security Fixes: Mozilla:...
GLSA-202305-17 : libsdl: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202305-17 libsdl: Multiple Vulnerabilities - SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMAADPCMnibble in audio/SDLwave.c. CVE-2019-7572 - SDL Simple DirectMedia Layer through 1.2.1...
SUSE CVE-2019-7574
SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMAADPCMdecode in audio/SDLwave.c...
Debian dla-3314 : libsdl2-2.0-0 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3314 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3314-1 [email protected]...
EulerOS 2.0 SP10 : SDL (EulerOS-SA-2022-1247)
According to the versions of the SDL package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMAADPCMnibble in audio/SDLwave.c. CVE-2019-7572 - SDL...
Schneider Electric Modicon M221 PLCs and SoMachine Basic Use of Hard-Coded Cryptographic Key (CVE-2017-7574)
Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded- key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML...
EulerOS 2.0 SP9 : SDL (EulerOS-SA-2022-1038)
According to the versions of the SDL package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMAADPCMnibble in audio/SDLwave.c. CVE-2019-7572 - SDL...