46 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-7657
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Debian: Security Advisory (DSA-5963-1)
The remote host is missing an update for the Debian...
Microsoft Edge (Chromium-Based) < 138.0.3351.95 Multiple Vulnerabilities (Jun 2025)
Microsoft Edge Chromium-Based is prone to multiple vulnerabilities.
Chromium: CVE-2025-7657 Use after free in WebRTC
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2025-7657
creationtimestamp | type | source
---|---|---
2025-07-16 12:17:24+00:00 | seen | https://vulnerability.circl.lu/bundle/b205087a-783f-4a89-b594-104ef807c79c
2025-07-16 13:22:59+00:00 | seen | https://t.me/truesecator/7238
2025-07-16 19:21:31+00:00 | seen | ...
CVE-2025-7657
Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet...
CVE-2025-7657
Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2025-7657
Chrome/WebRTC use-after-free vulnerability CVE-2025-7657 in WebRTC (Chromium) allows remote heap corruption via a crafted HTML page. Affected product/version: Google Chrome/Chromium prior to 138.0.7204.157. Impact and details are as stated in the sources: heap corruption risk with potential remot...
Google Chrome < 138.0.7204.157 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 138.0.7204.157. It is, therefore, affected by multiple vulnerabilities as referenced in the 202507stable-channel-update-for-desktop15 advisory. - Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a...
CVE-2024-7657
A vulnerability classified as problematic was found in Gila CMS 1.10.9. This vulnerability affects unknown code of the file /cm/update_rows/page?id=2 of the component HTTP POST Request Handler. The manipulation of the argument content leads to cross site scripting. The attack can be initiated...
CVE-2024-7657 Gila CMS HTTP POST Request page cross site scripting
A vulnerability classified as problematic was found in Gila CMS 1.10.9. This vulnerability affects unknown code of the file /cm/update_rows/page?id=2 of the component HTTP POST Request Handler. The manipulation of the argument content leads to cross site scripting. The attack can be initiated...
CVE-2024-7657
CVE-2024-7657 — Gila CMS 1.10.9 : A cross-site scripting vulnerability exists in the HTTP POST Request Handler, via the content parameter in the endpoint /cm/update_rows/page?id=2. The issue is triggered by manipulating the argument content, allowing remote exploitation. Multiple sources consiste...
K10002140: Eclipse Jetty vulnerabilities CVE-2017-7657 and CVE-2017-7658
Security Advisory Description: In Eclipse Jetty, versions 9.2.x and older, 9.3.x all configurations, and 9.4.x non-default configuration with RFC2616 compliance enabled, transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk...
Security Bulletin: Tivoli Netcool/Omnibus installation contains vulnerable Eclipse Jetty code libraries (Multiple CVEs)
Summary: The 'Netcool MIb Manager GUI' uses a version of the Eclipse Jetty library that contains known vulnerabilities. These vulnerabilities have been addressed by an upgrade to Jetty 9.3.29. Vulnerability Details: CVEID: CVE-2017-7657 DESCRIPTION: Eclipse Jetty is vulnerable to HTTP request...
CVE-2017-7657
creationtimestamp | type | source
---|---|---
2021-08-25 13:22:18+00:00 | seen | https://t.me/truesecator/2035...
Security Bulletin: Multiple vulnerabilities in Jasper used in Jetty 8.1.3 Server where Rational Synergy is deployed
Summary: There are multiple vulnerabilities in Jasper, Version 2 Service Refresh 2 Fix Pack 2, used by Jetty 8.1.3, that affect IBM Rational Synergy. Vulnerability Details: The following is the list of vulnerabilities affecting IBM Rational Synergy: CVEID: CVE-2018-12538 DESCRIPTION: Eclipse Jetty...
JFrog < 7.11.1 Multiple Vulnerabilities
According to its self-reported version number, the version of JFrog Artifactory installed on the remote host is prior to 7.11.1. It is, therefore, affected by multiple vulnerabilities: - A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This...
Security Bulletin: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. IBM Rational Performance Tester is affected by this vulnerability.
Summary: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of chunked transfer-encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct...