CGA-9FHM-7634-JP5P

Bulletin has no description...

CGA-7634-MF77-6X9H

Bulletin has no description...

CVE-2025-7634

The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.6.7 via the mode parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on th...

CVE-2025-7634

creationtimestamp| type| source ---|---|--- 2025-10-09 06:03:16+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m2qibd3ptv2s 2025-10-09 06:42:32+00:00| seen| https://gist.github.com/Darkcrai86/feb21292424b5d1ee93a2766e9280b45...

MAL-2025-7634 Malicious code in @crabas0npm2/corporis-maxime-neque (npm)

The package @crabas0npm2/corporis-maxime-neque was found to contain malicious code...

CVE-2020-7634

heroku-addonpool through 0.1.15 is vulnerable to Command Injection...

CVE-2024-7634

creationtimestamp| type| source ---|---|--- 2024-08-22 21:03:36+00:00| seen| https://t.me/cvedetector/3944...

K000140630: NGINX Agent vulnerability CVE-2024-7634

Security Advisory Description NGINX Agent's configdirs restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory. CVE-2024-7634 Impact Under the default configuration, a user can overwrite arbitrary files on any...

SUSE CVE-2015-7634

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service...

CVE-2020-7634

creationtimestamp| type| source ---|---|--- 2021-12-09 19:52:03+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-3q9x-w53p-jg53...

CVE-2019-7634

CVE-2019-7634 affects the SUAP V2 web application, where a cross-site scripting (XSS) flaw occurs during the update of user information. Connected sources indicate the root cause as insufficient validation of client data, enabling injection of script in user-update flows. The NVD metrics show a n...

CVE-2020-7634

CVE-2020-7634 affects the npm package heroku-addonpool up to version 0.1.15. The vulnerability is a command injection flaw where the second parameter of the exported function HerokuAddonPool(id, app, opt) can be controlled by an attacker without sanitization. A PoC demonstrates exploiting this to...

CVE-2020-7634

heroku-addonpool through 0.1.15 is vulnerable to Command Injection...

CVE-2019-6746

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Studio Photo 3.6.6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2019-6746

Foxit Studio Photo 3.6.6 (and earlier) is affected by a TIF file handling flaw that can disclose sensitive information due to a read past the end of an allocated structure. The issue requires user interaction (visiting a malicious page or opening a malicious file) and, per the sources, could be l...

CVE-2019-6746

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Studio Photo 3.6.6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2017-7634

CVE-2017-7634 is a cross-site scripting (XSS) vulnerability in the QNAP NAS application Media Streaming add-on (versions 421.1.0.2, 430.1.2.0, and earlier). The issue allows remote attackers to inject arbitrary web script or HTML when a user clicks a crafted link; the injected code is triggered o...

CVE-2018-7634

CVE-2018-7634 describes a CSRF flaw in Enalean Tuleap 9.17 where the change-email functionality lacks CSRF mitigation. This allows a CSRF attacker to cause a victim to update their registered email, potentially leading to account takeover. The root cause is insufficient CSRF protection in the ema...

CVE-2016-7634

An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Accessibility" component, which accepts spoken passwords without considering that they are locally audible...

CVE-2016-7634

CVE-2016-7634 affects iOS prior to 10.2 in the Accessibility component. The vulnerability allows a nearby user to overhear spoken passwords because the system could disclose passwords spoken by VoiceOver/Accessibility without considering they are locally audible. Apple’s patch for iOS 10.2 disabl...