34 matches found
CVE-2026-7714
A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwafunctions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The...
CVE-2025-7714
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Global Interactive Design Media Software Inc. Content Management System CMS allows Command Line Execution through SQL Injection. This issue affects Content Management System CMS: through 21072025...
CVE-2025-7714
creationtimestamp| type| source
---|---|---
2026-01-29 16:00:38+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdl5ull7tu2o
2026-01-29 17:16:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdlc4a3srz23...
CVE-2025-7714 Time Based SQLi in Global Medya's PHP CMS
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Global Interactive Design Media Software Inc. Content Management System CMS allows Command Line Execution through SQL Injection. This issue affects Content Management System CMS: through 21072025...
MAL-2025-7714 Malicious code in @crabas0npm2/reprehenderit-dolor-nemo (npm)
The package @crabas0npm2/reprehenderit-dolor-nemo was found to contain malicious code...
CVE-2024-7714
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 from OpenAI, thereby disabling the AI ChatB...
CVE-2019-7714
An issue was discovered in Interpeak IPWEBS on Green Hills INTEGRITY RTOS 5.0.4. It allocates 60 bytes for the HTTP Authentication header. However, when copying this header to parse, it does not check the size of the header, leading to a stack-based buffer overflow...
CVE-2024-7714
creationtimestamp| type| source
---|---|---
2024-09-27 09:03:30+00:00| seen| https://t.me/cvedetector/6475
2024-10-09 14:33:11+00:00| seen| https://t.me/realLulzSec/19469
2024-10-09 16:08:15+00:00| published-proof-of-concept| https://t.me/CNArsenal/3297
2024-10-09 17:15:07+00:00| seen|...
CVE-2024-7714 AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 from OpenAI, thereby disabling the AI ChatB...
CVE-2024-7714 AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 from OpenAI, thereby disabling the AI ChatB...
WordPress AI ChatBot with ChatGPT and Content Generator by AYS Plugin <= 2.0.9 is vulnerable to Broken Access Control
Software: AI ChatBot with ChatGPT and Content Generator by AYS; Type: Plugin; Vulnerable versions: <= 2.0.9; Fixed in: 2.1.0; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-7714; Patch priority: Medium; CVSS severity: Medium 6.5; Developer Claim ownership PSID...
Rocky Linux 8 : postgresql:12 (RLSA-2023:7714)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:7714 advisory. - IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting...
RHEL 8 : postgresql:12 (RHSA-2023:7714)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7714 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: Buffer overrun from integer overflo...
task-mule (>=1.4.14 <=1.6.0) potentially affected by CVE-2020-7714 via confucious (=0.0.10)
confucious NPM version =0.0.10 is affected by a known vulnerability. The following packages have a transitive dependency on confucious and may be impacted: - task-mule >=1.4.14, <=1.6.0 Source cves: CVE-2020-7714 Source advisory: OSV:GHSA-FMRR-MX6J-H3H5...
CVE-2020-7714
All versions of package confucious are vulnerable to Prototype Pollution via the set function...
CVE-2020-7714 Prototype Pollution
All versions of package confucious are vulnerable to Prototype Pollution via the set function...
CVE-2020-7714
CVE-2020-7714 affects the npm package confucious via Prototype Pollution in the set function. Affected versions are reported as prior to 0.0.13 (PT-2020-19736), with Snyk listing up to 0.0.12; multiple sources reiterate vulnerability across versions. Root cause is unsafe merging / path-based assi...
rsg-log-server (>=0.0.2 <=0.0.3), rsg-metrics-server (>=0.0.1 <=0.0.10) +1 more potentially affected by CVE-2020-7714 via confucious (>=0.0.10 <=0.0.9)
confucious NPM version =0.0.10, =0.0.2, =0.0.1, =1.1.0, =1.6.0 Source cves: CVE-2020-7714 Source advisory: SNYK:JS-CONFUCIOUS-598665...
CVE-2019-7714
An issue was discovered in Interpeak IPWEBS on Green Hills INTEGRITY RTOS 5.0.4. It allocates 60 bytes for the HTTP Authentication header. However, when copying this header to parse, it does not check the size of the header, leading to a stack-based buffer overflow...
CVE-2019-7714
CVE-2019-7714 affects Interpeak IPWEBS on Green Hills INTEGRITY RTOS 5.0.4. The issue is a stack-based buffer overflow caused by copying the HTTP Authentication header without validating header size, with a fixed 60-byte header allocation. Public details in the provided documents do not specify a...