CVE-2026-7710

A security flaw has been discovered in YunaiV yudao-cloud up to 3.8.0. This affects the function doFilterInternal of the file JwtAuthenticationTokenFilter.java of the component Ruoyi-Vue-Pro. Performing a manipulation of the argument mock-token results in improper authentication. Remote...

CVE-2026-7710

creationtimestamp| type| source ---|---|--- 2026-05-04 00:32:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkygbvfube2k...

CVE-2026-7710 YunaiV yudao-cloud Ruoyi-Vue-Pro JwtAuthenticationTokenFilter.java doFilterInternal improper authentication

A security flaw has been discovered in YunaiV yudao-cloud up to 3.8.0. This affects the function doFilterInternal of the file JwtAuthenticationTokenFilter.java of the component Ruoyi-Vue-Pro. Performing a manipulation of the argument mock-token results in improper authentication. Remote...

MiracleLinux 9 : firefox-115.10.0-1.el9_3.ML.1 (AXSA:2024-7710:16)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7710:16 advisory. GetBoundName in the JIT returned the wrong object CVE-2024-3852 Out-of-bounds-read after mis-optimized switch statement CVE-2024-3854 Incorrect...

EUVD-2025-25343

Malicious code in bioql PyPI...

Ubuntu: Security Advisory (USN-7710-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 : Python vulnerabilities (USN-7710-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7710-1 advisory. It was discovered that Python inefficiently parsed maliciously crafted HTML input. An...

CVE-2025-8309

There is an improper privilege management vulnerability identified in ManageEngine's Asset Explorer, ServiceDesk Plus, ServiceDesk Plus MSP, and SupportCenter Plus products by Zohocorp. This vulnerability impacts Asset Explorer versions before 7710, ServiceDesk Plus versions before 15110,...

CVE-2025-8309

There is an improper privilege management vulnerability identified in ManageEngine's Asset Explorer, ServiceDesk Plus, ServiceDesk Plus MSP, and SupportCenter Plus products by Zohocorp. This vulnerability impacts Asset Explorer versions before 7710, ServiceDesk Plus versions before 15110,...

CVE-2025-8309 User privilege escalation vulnerability

There is an improper privilege management vulnerability identified in ManageEngine's Asset Explorer, ServiceDesk Plus, ServiceDesk Plus MSP, and SupportCenter Plus products by Zohocorp. This vulnerability impacts Asset Explorer versions before 7710, ServiceDesk Plus versions before 15110,...

CVE-2025-8309

CVE-2025-8309 affects ManageEngine AssetExplorer (versions before 7.7 Build 7710), ServiceDesk Plus (before 15.1 Build 15110), ServiceDesk Plus MSP (before 14.9 Build 14940), and SupportCenter Plus (before 14940). Root cause: overly permissive regular expression (regex) rules used in URL mapping ...

PT-2025-34135 · Manageengine · Assetexplorer +3

Name of the Vulnerable Software and Affected Versions: Asset Explorer versions prior to 7710 ServiceDesk Plus versions prior to 15110 ServiceDesk Plus MSP versions prior to 14940 SupportCenter Plus versions prior to 14940 Description: An improper privilege management issue exists in ManageEngine'...

WordPress Brave Conversion Engine (PRO) plugin <= 0.7.7 - Authentication Bypass to Administrator vulnerability

Authentication Bypass to Administrator vulnerability discovered by Thái An in WordPress Plugin Brave Conversion Engine PRO versions = 0.7.7...

CVE-2025-7710

creationtimestamp| type| source ---|---|--- 2025-08-02 13:37:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvgbwkznkc2e 2025-08-03 00:01:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lvhesq4qwl2k...

CVE-2025-7710 Brave Conversion Engine (PRO) <= 0.7.7 - Authentication Bypass to Administrator

The Brave Conversion Engine PRO plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.7.7. This is due to the plugin not properly restricting a claimed identity while authenticating with Facebook. This makes it possible for unauthenticated attackers t...

CVE-2025-7710 Brave Conversion Engine (PRO) <= 0.7.7 - Authentication Bypass to Administrator

The Brave Conversion Engine PRO plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.7.7. This is due to the plugin not properly restricting a claimed identity while authenticating with Facebook. This makes it possible for unauthenticated attackers t...

@550w-tools/cli (>=0.0.14 <=0.0.16), @550w-tools/core (>=0.0.14 <=0.0.16) +538 more potentially affected by CVE-2020-7710 via safe-eval (>=0.2.0 <=0.4.1)

safe-eval NPM version =0.2.0, =0.0.14, =0.0.14, =0.0.13, =0.0.14, =0.0.15, =1.0.1, =1.0.2, =1.0.3, =1.1.2, =0.1.16, =1.0.0, =0.3.0, =0.20.0, =2.0.295, =2.0.315 and more Source cves: CVE-2020-7710 Source advisory: OSV:GHSA-HRPQ-R399-WHGW...

CVE-2020-7710 Sandbox Escape

This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine...

CVE-2020-7710

CVE-2020-7710 affects all versions of the safe-eval package. The vulnerability arises from the package failing to restrict access to the main JavaScript context via Error objects, enabling a sandbox escape and remote code execution. Proof-of-concept payloads in advisory sources demonstrate how an...

CVE-2016-7710

CVE-2016-7710 is rejected/not used and does not represent an active vulnerability entry.