39 matches found
MINI-9J84-7727-VFHF
Bulletin has no description...
MAL-2025-7727 Malicious code in @crabas0npm2/vel-sapiente-accusamus (npm)
The package @crabas0npm2/vel-sapiente-accusamus was found to contain malicious code...
CVE-2025-7727
| creationtimestamp | type | source |
|---|---|---|
| 2025-08-06 06:54:27+00:00 | seen | Telegram/8wdvtvpnJByIVwpboHFDpdurKLKrZ4m3SGfsdHXRud6tg... |
CVE-2025-7727 Gutenverse <= 3.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Fun Fact Blocks
The Gutenverse plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text and Fun Fact blocks in all versions up to, and including, 3.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Gutenverse plugin <= 3.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Fun Fact Blocks vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Fun Fact Blocks vulnerability discovered by zer0gh0st in WordPress Plugin Gutenverse versions <= 3.1.0...
CGA-V78Q-7727-6QR2
Bulletin has no description...
CVE-2024-7727
| creationtimestamp | type | source |
|---|---|---|
| 2024-09-11 07:48:55+00:00 | seen | https://t.me/cvedetector/5331... |
CVE-2024-7727 HTML5 Video Player – mp4 Video Player Plugin and Block <= 2.5.32 - Missing Authorization in multiple functions via h5vp_ajax_handler
The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions called via the 'h5vp_ajax_handler' ajax action in all versions up to, and including, 2.5.32. This makes it possible fo...
WordPress Flash & HTML5 Video Plugin <= 2.5.32 is vulnerable to Broken Access Control
Software: Flash & HTML5 Video; Type: Plugin; Vulnerable versions: <= 2.5.32; Fixed in: 2.5.33; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-7727; Patch priority: Low; CVSS severity: Low (5.3); PSID: b5ae27e206ad; Credits: Lucio Sá; Required...
CGA-WW8F-82M4-7727
Bulletin has no description...
CVE-2019-7727
| creationtimestamp | type | source |
|---|---|---|
| 2024-01-06 23:08:02+00:00 | seen | https://t.me/arpsyndicate/2585 |
| 2026-03-04 22:30:33+00:00 | seen | https://gist.github.com/beerandgin/a999d21835751417f8d1ac219eec40a4... |
USN-6298-1: ZZIPlib vulnerabilities
Liu Zhu discovered that ZZIPlib incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2018-7727) YiMing Liu discovered that ZZIPlib incorrectly...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : ZZIPlib vulnerabilities (USN-6298-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6298-1 advisory. Liu Zhu discovered that ZZIPlib incorrectly handled certain inputs. If a user or an automated system were tricked into opening a...
dom-to-gaffa (>=0.0.1 <=0.0.2), driven (>=0.0.1 <=0.3.3) +12 more potentially affected by CVE-2020-7727 via gedi (>=0.10.1 <=1.6.3)
gedi NPM version =0.10.1, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.0, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.3.1, =0.3.3 Source cves: CVE-2020-7727 Source advisory: OSV:GHSA-JH2M-J8PP-55RC...
CVE-2020-7727
All versions of package gedi are vulnerable to Prototype Pollution via the set function...
CVE-2020-7727
Affected software: the gedi package (JavaScript). Vulnerability: Prototype Pollution via the set function. Root cause: unsafe handling of object property paths in set, enabling pollution of Object.prototype under certain inputs. Impact (as stated in related advisories): potential for DoS or remot...
CVE-2020-7727 Prototype Pollution
All versions of package gedi are vulnerable to Prototype Pollution via the set function...
dom-to-gaffa (>=0.0.1 <=0.0.2), driven (>=0.0.1 <=0.3.3) +12 more potentially affected by CVE-2020-7727 via gedi (>=0.10.1 <=1.6.3)
gedi NPM version =0.10.1, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.0, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.3.1, =0.3.3 Source cves: CVE-2020-7727 Source advisory: SNYK:JS-GEDI-598803...
Huawei EulerOS: Security Advisory for zziplib (EulerOS-SA-2018-1397)
The remote host is missing an update for the Huawei EulerOS...