Ubuntu 24.04 LTS / 25.04 : PAM vulnerability (USN-7761-1)

The remote Ubuntu 24.04 LTS / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7761-1 advisory. It was discovered that the PAM pamaccess module incorrectly parsed certain rules as hostnames. An attacker could possibly use this issue to spoof hostname...

CVE-2025-7761

CVE-2025-7761 – Reflected XSS in Lepszy BIP : The vulnerability arises from improper input validation in the index.php form parameter, allowing arbitrary JavaScript to execute in a victim’s browser when a specially crafted URL is opened. Affected: Lepszy BIP (potentially all versions). Root cause...

CVE-2025-7761 Reflected XSS in Lepszy BIP

Lepszy BIP is vulnerable to Reflected Cross-Site Scripting XSS. Improper input validation in index.php form in one of the parameters allows arbitrary JavaScript to be executed on victim's browser when specially crafted URL is opened. The vendor was contacted early about this disclosure but did no...

WordPress Simple Job Board plugin < 2.12.2 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Simple Job Board versions 2.12.2...

CVE-2024-7761

In the process of testing the Simple Job Board WordPress plugin before 2.12.2, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor...

CVE-2024-7761

In the process of testing the Simple Job Board WordPress plugin before 2.12.2, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor...

CVE-2024-7761

CVE-2024-7761 affects the WordPress Simple Job Board plugin prior to version 2.12.2. The vulnerability is a Stored XSS that can be executed via the editor/admin interface by embedding a malicious script, potentially enabling an account takeover backdoor. Affected product: Simple Job Board WordPre...

CVE-2024-7761 Simple Job Board < 2.12.2 - Admin+ Stored XSS

In the process of testing the Simple Job Board WordPress plugin before 2.12.2, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor...

CVE-2024-7761 Simple Job Board < 2.12.2 - Admin+ Stored XSS

In the process of testing the Simple Job Board WordPress plugin before 2.12.2, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor...

Schneider Electric Modicon Improper Input Validation (CVE-2018-7761)

A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more informatio...

Mageia: Security Advisory (MGASA-2018-0018)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2235-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-7761

creationtimestamp| type| source ---|---|--- 2020-11-05 14:48:58+00:00| seen| https://t.me/cibsecurity/15856...

CVE-2020-7761

This affects the package @absolunet/kafe before 3.2.10. It allows cause a denial of service when validating crafted invalid emails...

CVE-2020-7761

CVE-2020-7761 affects the package @absolunet/kafe prior to 3.2.10. The vulnerability is a Regular Expression Denial of Service (ReDoS) caused by an insecure regex used to validate crafted invalid emails, which can lead to Denial of Service. Public advisories (GHSA, OSV, NVD, Snyk, Veracode, CVE l...

CVE-2019-7761

Adobe Acrobat and Reader are affected by CVE-2019-7761 (and related CVEs) as a use-after-free vulnerability in versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier. Succe...

Adobe Acrobat and Reader Use After Free (APSB19-18: CVE-2019-7761)

A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVE-2017-7761

The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by non-privileged users. When this is combined with creation of a junction a form of symbolic link, protected files in the target directory of the junction can be deleted by the Mozilla Maintenance...

CVE-2018-7761

A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution...

CVE-2018-7761

The CVE-2018-7761 entry affects Schneider Electric Modicon M340, Modicon Premium, Modicon Quantum PLCs and BMXNOR0200 where the HTTP request parser has an input-parsing vulnerability that can lead to arbitrary code execution. The connected NT/Nessus and CNVD records corroborate that an improper i...