Lucene search

35 matches found

Circl
added 2026/02/03 1:17 p.m., 5 views

CVE-2025-7760

creationtimestamp | type | source
---|---|---
2026-02-03 13:17:50+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mdxh4462lx2g...

CVSS 7.6, AI score 4.8, EPSS 0.00282
Exploits: 0, References: 1

EUVD
added 2025/10/07 12:30 a.m., 7 views

EUVD-2015-7661

Malware in sbrugna...

CVSS 5, AI score 5, EPSS 0.01435
Exploits: 0, References: 4

Tenable Nessus
added 2025/08/27 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2020-7760

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is locate...

CVSS 7.5, AI score 6.5, EPSS 0.05197
Exploits: 1, References: 2

OSV
added 2025/08/14 6:52 p.m., 2 views

MAL-2025-7760 Malicious code in @diotobtea/debitis-quo-itaque (npm)

The package @diotobtea/debitis-quo-itaque was found to contain malicious code...

AI score 7.2
Exploits: 0

RedhatCVE
added 2025/03/22 12:32 p.m., 5 views

CVE-2024-7760

aimhubio/aim version 3.22.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the tracking server. The vulnerability is due to overly permissive CORS settings, allowing cross-origin requests from all origins. This enables CSRF attacks on all endpoints of the tracking server, which can b...

CVSS 9.6, AI score 8.2, EPSS 0.00474
Exploits: 1, References: 1

vulnersOsv
added 2025/03/20 12:32 p.m., 4 views

dsipts (>=1.1.5 <=1.1.19), llm-toys (=0.1.1) +2 more potentially affected by CVE-2024-7760 via aim (>=3.17.4 <=3.20.1)

aim PYPI version =3.17.4, =1.1.5, =0.0.20, =0.1.0, =0.5.6 Source cves: CVE-2024-7760 Source advisory: OSV:GHSA-38R9-3J52-H92V...

CVSS 9.6, AI score 7, EPSS 0.00474
Exploits: 1

NVD
added 2025/03/20 10:15 a.m., 7 views

CVE-2024-7760

aimhubio/aim version 3.22.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the tracking server. The vulnerability is due to overly permissive CORS settings, allowing cross-origin requests from all origins. This enables CSRF attacks on all endpoints of the tracking server, which can b...

CVSS 9.6, EPSS 0.00474
Exploits: 1, References: 1

Vulnrichment
added 2025/03/20 10:9 a.m., 3 views

CVE-2024-7760 CSRF in aimhubio/aim

aimhubio/aim version 3.22.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the tracking server. The vulnerability is due to overly permissive CORS settings, allowing cross-origin requests from all origins. This enables CSRF attacks on all endpoints of the tracking server, which can b...

CVSS 7.4, AI score 8.1, EPSS 0.00474
Exploits: 1, References: 1

CVE
added 2025/03/20 10:9 a.m., 39 views

CVE-2024-7760

CVE-2024-7760 affects aimhubio/aim (v3.22.0) where the tracking server is vulnerable to Cross‑Site Request Forgery (CSRF) due to overly permissive CORS settings that allow cross-origin requests from all origins. This vulnerability enables CSRF on all endpoints of the tracking server and can be ch...

CVSS 9.6, AI score 8.1, EPSS 0.00474
Exploits: 1, References: 1, Affected Software: 1

F5 Networks
added 2024/07/02 6:2 a.m., 35 views

K000140225: Codemirror vulnerability CVE-2020-7760

Security Advisory Description This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in...

CVSS 7.5, AI score 6.4, EPSS 0.05197
Exploits: 1

Circl
added 2024/02/10 12:6 p.m., 0 views

CVE-2020-7760

creationtimestamp | type | source
---|---|---
2024-02-10 12:06:51+00:00 | seen | Telegram/3USY9KTVlFcVHlf1mQxRGkwauFx-OlqdY9v4SPCDHqFS4HQW...

CVSS 7.5, AI score 6.5, EPSS 0.05197
Exploits: 1

Tenable Nessus
added 2023/06/29 12:0 a.m., 17 views

Schneider Electric Modicon Improper Authentication (CVE-2018-7760)

An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions allow malicious users to bypass authorization. This plugin only works with Tenable.ot. Please visit...

CVSS 9.8, AI score 8.5, EPSS 0.01484
Exploits: 0, References: 2

OpenVAS
added 2022/01/28 12:0 a.m., 27 views

Mageia: Security Advisory (MGASA-2018-0018)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10, AI score 8.7, EPSS 0.18902
Exploits: 68, References: 10

Node.js
added 2021/05/10 6:48 p.m., 58 views

Regular expression denial of Service

Overview codemirror before 5.58.2 is vulnerable to a regular expression denial of service. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.js#L129. The ReDOS vulnerability of the regex...

CVSS 5, AI score 3.1, EPSS 0.05197
Exploits: 1, Affected Software: 1

vulnersOsv
added 2021/05/10 6:46 p.m., 2 views

0.8.18-p11 (=0.8.18-p12), 0hub (=1.0.0-beta.2) +1453 more potentially affected by CVE-2020-7760 via codemirror (>=2.33.0 <=5.58.1)

codemirror NPM version =2.33.0, =4.13.7-rc4, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.19.1-rc.2, =0.19.1-rc.3, =0.1.1, =0.0.1, =0.1.0, =0.1.0, =1.0.2 and more Source cves: CVE-2020-7760 Source advisory: OSV:GHSA-4GW3-8F77-F72C...

CVSS 7.5, AI score 6.6, EPSS 0.05197
Exploits: 1

IBM Security Bulletins
added 2021/02/27 3:40 a.m., 37 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Node.js. Vulnerability Details CVEID: CVE-2020-8277 DESCRIPTION: Node.js is vulnerable to a denial of service. By getting the application to resolve a DNS record with a larger number of responses, an attacker...

CVSS 8.1, AI score 0.8, EPSS 0.54164
Exploits: 7, Affected Software: 1

IBM Security Bulletins
added 2021/02/23 10:20 a.m., 26 views

Security Bulletin: Vulnerabilities in Node.js affect IBM Integration Bus (CVE-2020-7760)

Summary IBM Integration Bus ships with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2020-7760 DESCRIPTION: Node.js codemirror module is vulnerable to a denial of service, caused by a regular...

CVSS 7.5, AI score 1, EPSS 0.05197
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2021/02/19 4:54 a.m., 31 views

Security Bulletin: A security vulnerability in Node.js codemirror module affects IBM Cloud Pak for Multicloud Management.

Summary A security vulnerability in Node.js codemirror module affects IBM Cloud Pak for Multicloud Management. Vulnerability Details CVEID: CVE-2020-7760 DESCRIPTION: Node.js codemirror module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By...

CVSS 7.5, AI score 1.3, EPSS 0.05197
Exploits: 1, Affected Software: 1

Tenable Nessus
added 2020/11/13 12:0 a.m., 34 views

Debian DSA-4789-1 : codemirror-js - security update

It was discovered that codemirror, a browser-based text editor implemented in JavaScript, was vulnerable to regular expression denial-of-service. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4789. The text...

CVSS 7.5, AI score 6.6, EPSS 0.05197
Exploits: 1, References: 3

Debian
added 2020/11/12 9:7 a.m., 30 views

[SECURITY] [DSA 4789-1] codemirror-js security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4789-1 [email protected] https://www.debian.org/security/ Sebastien Delafond November 12, 2020 https://www.debian.org/security/faq -...

CVSS 5, AI score 0.2, EPSS 0.05197
Exploits: 1