44 matches found
CVE-2026-7846
creationtimestamp| type| source ---|---|--- 2026-05-05 17:28:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml4pjxmtb42q...
CVE-2026-7846
A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component OpenAI-Compatible File Upload API. Such manipulation of the argument file.filename leads to...
MINI-7846-4RFG-35HR
Bulletin has no description...
MINI-7846-2XJ2-FHHG
Bulletin has no description...
Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : X.Org X Server vulnerabilities (USN-7846-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7846-1 advisory. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could use these...
CVE-2025-7846
creationtimestamp| type| source ---|---|--- 2025-10-29 15:21:22+00:00| seen| https://gist.github.com/Darkcrai86/f679dc683ac2b5e87c056a5439647c21 2025-10-31 08:43:05+00:00| seen| https://gist.github.com/Darkcrai86/fdd50e2e80580bd8e5c3fcebaffc81a8 2025-10-31 09:37:00+00:00| seen|...
MAL-2025-7846 Malicious code in @epc-tools/logger (npm)
The package @epc-tools/logger was found to contain malicious code...
CVE-2018-7846
creationtimestamp| type| source ---|---|--- 2025-04-24 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-01...
RHEL 8 : openssl (RHSA-2024:7846)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:7846 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
CVE-2024-7846 YITH WooCommerce Ajax Search < 2.7.1 - Contributor+ Stored XSS
YITH WooCommerce Ajax Search is vulnerable to a XSS vulnerability due to insufficient sanitization of user supplied block attributes. This makes it possible for Contributors+ attackers to inject arbitrary scripts...
Schneider Electric Modicon Controllers Trust Boundary Violation (CVE-2018-7846)
A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller. This plugi...
Mageia: Security Advisory (MGASA-2014-0483)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-7846
creationtimestamp| type| source ---|---|--- 2021-02-24 18:36:56+00:00| seen| https://t.me/cibsecurity/24079...
CVE-2020-7846
Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web page...
CVE-2020-7846
CVE-2020-7846 affects Helpcom prior to v10.0. The root cause is storing a hardcoded cryptographic key, enabling a crafted web page to trigger a file download and execution on affected systems. NVD and other sources report high-severity impact (CVSS:3.1 base score up to 8.8; network attack vector,...
CVE-2019-7846
Adobe Campaign Classic (Windows/Linux) 18.10.5-8984 and earlier is affected by an improper error handling vulnerability that could lead to information disclosure for the current user. The Red Hat advisory confirms the same issue, describing it as an information disclosure vulnerability in ACC. Wh...
CVE-2018-7846
CVE-2018-7846 affects Schneider Electric Modicon M580, M340, Quantum and Premium PLCs. The issue is a CWE-501 Trust Boundary Violation in the UMAS/Reservation mechanism: an unauthenticated brute-force attempt to the Modbus-based reservation session (one-byte session token) can allow unauthorized ...
CVE-2018-7846
A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller...
CVE-2017-7846
It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View - Feed article - Website" or in the standard format of "View - Feed article - default format". This vulnerability affects Thunderbird 52.5.2...
CVE-2017-7846
It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View - Feed article - Website" or in the standard format of "View - Feed article - default format". This vulnerability affects Thunderbird 52.5.2...