CVE-2026-7770 IBM i Access Client Solutions (ACS) is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator

IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions ACS is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator...

Security Bulletin: IBM i Access Client Solutions (ACS) is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator (CVE-2026-7770)

Summary IBM i Access Client Solutions ACS is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator CVE-2026-7770. Vulnerability Details CVEID:CVE-2026-7770 DESCRIPTION: IBM i Access Client Solutions ACS is vulnerable to remote code execution when configur...

MAL-2025-7770 Malicious code in @diotobtea/esse-facere-nam (npm)

The package @diotobtea/esse-facere-nam was found to contain malicious code...

CVE-2025-7770

Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The session IDs are generated using a predictable method based on the current timestamp, allowing attackers to recreate valid session IDs. When combined with the ability to circumvent session ID...

CVE-2025-7770

CVE-2025-7770 affects Tigo Energy Cloud Connect Advanced (CCA). The vulnerability is insecure session ID generation in the remote API, where session IDs are produced by a predictable method based on the current timestamp, enabling attackers to recreate valid session IDs. Combined with bypassing s...

CVE-2025-7770 Predictable Seed in Pseudo-Random Number Generator (PRNG) in Tigo Energy Cloud Connect Advanced

Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The session IDs are generated using a predictable method based on the current timestamp, allowing attackers to recreate valid session IDs. When combined with the ability to circumvent session ID...

CVE-2025-7770

creationtimestamp| type| source ---|---|--- 2025-08-05 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-217-02 2025-08-05 16:06:34+00:00| seen| https://bsky.app/profile/pigondrugs.bsky.social/post/3lvo3obrv5y2b 2025-08-06 23:50:35+00:00| seen|...

CVE-2024-7770

creationtimestamp| type| source ---|---|--- 2024-09-10 14:14:19+00:00| seen| https://t.me/cvedetector/5224...

CVE-2024-7770

The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload' function in all versions up to, and including, 6.5.5. This makes it possible for authenticated...

WordPress Bit File Manager Plugin <= 6.5.5 is vulnerable to Arbitrary File Upload

Software Bit File Manager Type Plugin Vulnerable versions = 6.5.5 Fixed in 6.5.6 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-7770 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 4d22ee982f55 Credits TANG Cheuk Hei siunam Required privileg...

Important: Red Hat Security Advisory: rh-postgresql12-postgresql security update

An update for rh-postgresql12-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

@alexeimyshkouski/json-api (=0.0.1), @cyber-crafts/ltc-core (=1.0.0) +13 more potentially affected by CVE-2020-7770 via json8 (>=0.1.0 <=0.9.2)

json8 NPM version =0.1.0, =0.0.10, =0.4.0, =0.2.0, =1.1.0, =1.3.0, =2.0.2, =1.0.0, =1.1.1, =1.2.3, =1.3.0 - yaml-scheme =1.0.2 Source cves: CVE-2020-7770 Source advisory: OSV:GHSA-7H43-GX24-P529...

CVE-2020-7770

creationtimestamp| type| source ---|---|--- 2020-11-12 14:31:31+00:00| seen| https://t.me/cibsecurity/16198...

CVE-2020-7770

The CVE-2020-7770 entry concerns json8 before 1.0.3. A function that adds a property to a target object does not properly validate the key being set, enabling prototype pollution. Affected versions are prior to 1.0.3; remediation is to upgrade json8 to version 1.0.3 or later. Other linked advisor...

CVE-2019-7770

CVE-2019-7770 affects Adobe Acrobat and Reader, with an out-of-bounds read vulnerability that could lead to information disclosure. Affected versions include 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier,...

CVE-2018-7770

CVE-2018-7770 affects Schneider Electric U.motion Builder; the vulnerability exists in processing of sendmail.php, allowing an attacker to select arbitrary files to send to any email address. Affected are U.motion Builder versions prior to v1.3.4. Impact is information disclosure via path travers...

CVE-2017-7770

A mechanism where when a new tab is loaded through JavaScript events, if fullscreen mode is then entered, the addressbar will not be rendered. This would allow a malicious site to displayed a spoofed addressbar, showing the location of an arbitrary website instead of the one loaded. Note: this...

CVE-2017-7770

CVE-2017-7770 describes a spoofing vulnerability in Firefox for Android: when a new tab is loaded via JavaScript events and fullscreen is entered, the address bar may not be rendered, allowing a malicious site to spoof the displayed URL. Affected: Firefox for Android, Firefox

CVE-2017-7770

A mechanism where when a new tab is loaded through JavaScript events, if fullscreen mode is then entered, the addressbar will not be rendered. This would allow a malicious site to displayed a spoofed addressbar, showing the location of an arbitrary website instead of the one loaded. Note: this...

CVE-2016-7770

...