79 matches found
CVE-2026-7778
An issue that could allow a dashboard configuration to be viewed from outside of the authorized organization scope has been resolved. This is an instance of CWE-269: Improper Privilege Management, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N 5.0, Medium. This...
CVE-2026-10017
Out of bounds read in Headless in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-9995
Use after free in WebXR in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
MINI-7778-WRG3-7MVX
Bulletin has no description...
CVE-2026-7928
Use after free in WebRTC in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-7778
An issue that could allow a dashboard configuration to be viewed from outside of the authorized organization scope has been resolved. This is an instance of CWE-269: Improper Privilege Management, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N 5.0, Medium. This...
Mozilla Firefox ESR < 52.2
The version of Firefox ESR installed on the remote Windows host is prior to 52.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-16 advisory. - A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads...
EUVD-2019-7778
Malware in sbrugna...
EUVD-2006-0963
Malware in sbrugna...
WordPress Icons Factory plugin <= 1.6.12 - Missing Authorization to Unauthenticated Arbitrary File Deletion via delete_files() Function vulnerability
Missing Authorization to Unauthenticated Arbitrary File Deletion via deletefiles Function vulnerability discovered by johska in WordPress Plugin Icons Factory versions = 1.6.12...
MAL-2025-7778 Malicious code in @diotobtea/laboriosam-esse-eaque (npm)
The package @diotobtea/laboriosam-esse-eaque was found to contain malicious code...
CVE-2024-7778 Orbit Fox by ThemeIsle <= 2.10.36 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.10.36 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access...
CVE-2024-7778 Orbit Fox by ThemeIsle <= 2.10.36 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.10.36 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access...
WordPress Orbit Fox by ThemeIsle Plugin <= 2.10.36 is vulnerable to Cross Site Scripting (XSS)
Software Orbit Fox by ThemeIsle Type Plugin Vulnerable versions = 2.10.36 Fixed in 2.10.37 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7778 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID cd6e92d6eaf7 Credits wesley wcraft...
RHEL 8 : postgresql:10 (RHSA-2023:7778)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:7778 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Buffer overrun from integer overflow in arra...
@azteam/monitor (>=1.0.1 <=1.0.9), @bb-cli/e2e-bb-test (>=2.8.3-5 <=2.8.4) +217 more potentially affected by CVE-2020-7778 via systeminformation (>=3.30.6 <=4.30.11)
systeminformation NPM version =3.30.6, =1.0.1, =2.8.3-5, =1.0.7, =1.0.0, =1.0.148 and more Source cves: CVE-2020-7778 Source advisory: OSV:GHSA-8J36-Q8X7-PM6Q...
Backdoor.Win32.Tiny.c Code Execution
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/c61733c6bcbbb11cee634e0a3fd672e9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Tiny.c Vulnerability: Unauthenticated Remote Command Execution Description: The malwa...
Mageia: Security Advisory (MGASA-2018-0018)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Backdoor.Win32.RmtSvc.l Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/38f9ee3ce51ead0ce6bf2edcaa462611.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.RmtSvc.l Vulnerability: Remote Denial of Service Description: The malware listens on...
SUSE: Security Advisory (SUSE-SU-2017:2235-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...