55 matches found
CVE-2026-7691
A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. Impacted is the function setsyscmd of the file /cgi-bin/adm.cgi. Such manipulation of the argument command leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed...
CVE-2025-7691
CVE-2025-7691 is a privilege escalation issue in GitLab EE affecting all versions 16.6 ≤ v < 18.2.7, 18.3 ≤ v < 18.3.3, and 18.4 ≤ v
GitLab 16.6 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-7691)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Privilege Defined With Unsafe Actions in GitLab (CVE-2025-7691). Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
MAL-2025-7691 Malicious code in @crabas0npm2/perspiciatis-quibusdam-neque (npm)
The package @crabas0npm2/perspiciatis-quibusdam-neque was found to contain malicious code...
CVE-2024-7691
The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against administrators...
Linux Distros Unpatched Vulnerability : CVE-2015-7691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted...
WordPress Flaming Forms Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software: Flaming Forms; Type: Plugin; Vulnerable versions: <= 1.0.1; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-7691; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 74ab02fc965d; Credits: Bob Matyas; Required...
CVE-2024-7691
| creationtimestamp | type | source |
|---|---|---|
| 2024-09-02 12:12:19+00:00 | seen | https://t.me/cvedetector/4610 |

...
Rockwell Automation Stratix Denial of Service AutoKey Malicious Message (CVE-2015-7691)
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a...
K17530: NTP vulnerabilities CVE-2015-7691, CVE-2015-7692, and CVE-2015-7702
Security Advisory Description: CVE-2015-7691: The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an...
SUSE: Security Advisory (SUSE-SU-2015:2058-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2016:2094-1)
The remote host is missing an update for the...
@0xgg/echomd (>=1.0.0 <=1.0.4), @budibase/client (>=3.8.2 <=3.24.3) +116 more potentially affected by CVE-2020-7691 via jspdf (>=1.0.272 <=1.5.2)
jspdf NPM version =1.0.272, =1.0.0, =3.8.2, =0.0.3, =1.0.0, =2.6.4, =1.54.0, =0.2.1, =1.1.4, =0.0.0-dev.0ebca38, =1.0.0, =0.0.98, =1.15.0-alpha.1, =1.18.11 and more Source cves: CVE-2020-7691 Source advisory: OSV:GHSA-3Q6F-8GRX-PR4V...
CVE-2020-7691 Cross-site Scripting (XSS)
In all versions of the package jspdf, it is possible to use script in order to go over the filtering regex...
CVE-2020-7691
CVE-2020-7691 : Multiple sources confirm a cross-site scripting (XSS) vulnerability in jspdf affecting all versions. The issue arises from inability to filter/validate nested script tags such as <[removed]script>, allowing injection of arbitrary JavaScript in the browser. Remediation: upgra...
Network Time Protocol Daemon (ntpd) 3.x / 4.x < 4.2.8p5 Denial Of Service Vulnerability
The version of the remote NTP server is 3.x or 4.x prior to 4.2.8p5. It is, therefore, affected by the following vulnerability: - The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows...
Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure (2)
Exploit for multiple platform in category web applications Details ================ Software: Fortify SSC Software Security Center Version: 17.10, 17.20 & 18.10 Homepage: https://www.microfocus.com Advisory report: https://github.com/alt3kx/CVE-2018-7691 CVE: CVE-2018-7691 CVSS: 6.5 Medium;...
CVE-2018-7691
CVE-2018-7691 affects Micro Focus Fortify Software Security Center (SSC) versions 17.10, 17.20 and 18.10. The root cause is insecure direct object references (IDOR) in the REST API: ownership of the field "authEntities" is not properly checked, allowing remote authenticated (view-only) users to r...
CVE-2018-7691 MFSBGN03835 rev.1 - Fortify Software Security Center (SSC), Remote Unauthorized Access
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10. This exploitation could allow Remote Unauthorized Access...
CVE-2018-7691
| creationtimestamp | type | source |
|---|---|---|
| 2018-12-13 05:01:36+00:00 | published-proof-of-concept | https://t.me/defconnews/293 |
| 2018-12-14 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/45990 |

...