RockyLinux 8 : nghttp2 (RLSA-2026:7667)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:7667 advisory. nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination CVE-2026-27135 Tenable has extracted the preceding description block...

Oracle Linux 8 : nghttp2 (ELSA-2026-7667)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-7667 advisory. 1.33.0-6.2 - fix Denial of service: Assertion failure due to the missing state validation CVE-2026-27135 Tenable has extracted the preceding description block...

MINI-7667-WXJ8-P5QP

Bulletin has no description...

CGA-4R93-7667-FVXW

Bulletin has no description...

RHSA-2023:7667

creationtimestamp| type| source ---|---|--- 2025-08-01 15:49:22+00:00| seen| Telegram/vqMv-pw9KY3Z5TMAkCKFJ81O0KEk3Kk9SHClQG6teUoaj50 2025-08-02 14:50:53+00:00| seen| Telegram/O48YTDst3MKwqXTmoA7eKUU-Al4YKF5xmz2EhGo0DjbdKvM 2025-08-02 17:49:06+00:00| seen|...

CVE-2025-7667

The Restrict File Access plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the 'restrict-file-access' page. This makes it possible for unauthenticated attackers to to delete arbitra...

CVE-2025-7667

The Restrict File Access plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the 'restrict-file-access' page. This makes it possible for unauthenticated attackers to to delete arbitra...

WordPress Restrict File Access plugin <= 1.1.2 - Cross-Site Request Forgery to Arbitrary File Deletion vulnerability

Cross-Site Request Forgery to Arbitrary File Deletion vulnerability discovered by johska in WordPress Plugin Restrict File Access versions = 1.1.2...

CVE-2025-7667 Restrict File Access <= 1.1.2 - Cross-Site Request Forgery to Arbitrary File Deletion

The Restrict File Access plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the 'restrict-file-access' page. This makes it possible for unauthenticated attackers to to delete arbitra...

CVE-2025-7667 Restrict File Access <= 1.1.2 - Cross-Site Request Forgery to Arbitrary File Deletion

The Restrict File Access plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the 'restrict-file-access' page. This makes it possible for unauthenticated attackers to to delete arbitra...

CVE-2025-7667

CVE-2025-7667 documents confirm a CSRF to Arbitrary File Deletion in the WordPress plugin Restrict File Access (versions up to and including 1.1.2). Root cause: missing/incorrect nonce validation on the restrict-file-access page, enabling unauthenticated attackers to forge requests that delete se...

CVE-2024-7667

A vulnerability, which was classified as critical, was found in SourceCodester Car Driving School Management System 1.0. This affects the function deleteusers of the file User.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-7667

A vulnerability, which was classified as critical, was found in SourceCodester Car Driving School Management System 1.0. This affects the function deleteusers of the file User.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-7667

CVE-2024-7667 affects SourceCodester Car Driving School Management System 1.0, specifically the delete_users function in User.php. The vulnerability arises from improper handling of the id argument, enabling SQL injection. Exploitation can be performed remotely, and public disclosures exist. Conn...

CVE-2024-7667 SourceCodester Car Driving School Management System User.php delete_users sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Car Driving School Management System 1.0. This affects the function deleteusers of the file User.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

RHEL 8 : postgresql:12 (RHSA-2023:7667)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7667 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: schemaelement defeats protective...

SUSE CVE-2018-7667

Adminer through 4.3.1 has SSRF via the server parameter...

Prima Systems FlexAir Authentication Bypass (CVE-2019-7667)

An authentication bypass vulnerability exists in Prima Systems FlexAir Access Control Database. Successful exploitation of this vulnerability could allow an attacker to download the database file, disclose login information, and have full access to the system...

Prima FlexAir Access Control 2.3.35 Database Backup Predictable Name

!/usr/bin/env python -- coding: utf8 -- Prima FlexAir Access Control 2.3.35 Database Backup Predictable Name Exploit Authentication Bypass Login with MD5 hash CVE: CVE-2019-7666, CVE-2019-7667 Advisory: https://applied-risk.com/resources/ar-2019-007 Paper:...

FlexAir Access Control 2.3.35 - Authentication Bypass

Exploit Title: FlexAir Access Control 2.3.35 - Authentication Bypass Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/ Version: 2.3.35 Tested on: NA...