CVE-2026-7677

A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...

MINI-MV3X-6GMX-7677

Bulletin has no description...

MINI-5RXW-7677-4JMJ

Bulletin has no description...

EUVD-2018-7677

Malware in sbrugna...

CVE-2025-7677

creationtimestamp| type| source ---|---|--- 2025-09-09 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-252-02...

CVE-2024-7677

creationtimestamp| type| source ---|---|--- 2024-08-12 15:56:17+00:00| seen| https://t.me/cvedetector/2832...

CVE-2024-7677 SourceCodester Car Driving School Management System SystemSettings.php update_settings_info cross site scripting

A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been declared as problematic. Affected by this vulnerability is the function updatesettingsinfo of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument contact/address...

CVE-2024-7677

CVE-2024-7677 affects SourceCodester Car Driving School Management System 1.0. The vulnerability is in the function update_settings_info of /classes/SystemSettings.php?f=update_settings, where manipulating the contact/address argument triggers cross-site scripting. It can be exploited remotely, a...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sssd (SUSE-SU-2024:1941-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1941-1 advisory. - CVE-2023-3758: Fixed race condition during authorization leads to GPO policies functioning inconsistent...

Ubuntu 18.04 LTS / 20.04 LTS : thenify vulnerability (USN-6016-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6016-1 advisory. It was discovered that thenify incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted inpu...

Fedora: Security Advisory for yarnpkg (FEDORA-2023-18fd476362)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 36 : yarnpkg (2023-18fd476362)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-18fd476362 advisory. Add patches for CVE-2021-43138, CVE-2022-3517, CVE-2020-7677 Tenable has extracted the preceding description block directly from the Fedora security...

Debian dla-3128 : node-thenify - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3128 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3128-1 [email protected] https://www.debian.org/lts/security/...

CVE-2020-7677

This affects the package thenify before 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this is provided to the eval function without any sanitization...

CVE-2020-7677

This affects the package thenify before 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this is provided to the eval function without any sanitization...

CVE-2020-7677

CVE-2020-7677 affects the node-thenify package before 3.3.1; the name argument is user-controlled and passed to eval without sanitization, enabling arbitrary code execution. Remediation: upgrade to 3.3.1 or newer (Debian LTS indicates fixed in 3.3.0-1+deb10u1).

CVE-2020-7677 Arbitrary Code Execution

This affects the package thenify before 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this is provided to the eval function without any sanitization...

CVE-2019-7677

The CVE-2019-7677 entry describes an XSS vulnerability in Enphase Envoy R3.. , exploitable via the profileName parameter on the /home URI served over TCP port 8888. The issue is a client-side or input handling flaw that can allow injection of script/HTML, potentially affecting users accessing the...

CVE-2018-7677

A CSRF exposure exists in NetIQ Access Manager NAM 4.4 Identity Server component...

CVE-2018-7677

The CVE-2018-7677 entry applies to NetIQ Access Manager (NAM) 4.4 Identity Server component. The vulnerability arises because HTTP requests are not properly validated, creating a cross-site request forgery (CSRF) exposure. This allows an attacker to perform unauthorized operations against the aff...