MINI-8672-MWHP-QQ42

Bulletin has no description...

CVE-2026-8672

CVE-2026-8672 affects Syslink Software AG Avantra (Linux/Windows). The issue is a default credentials vulnerability enabling local access to an internal DB, with attackers needing high privileges and no user interaction. CVSS v3.1: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N; impact limited to confidenti...

CVE-2025-8672

MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the application...

CVE-2025-8672

creationtimestamp| type| source ---|---|--- 2025-08-11 13:03:43+00:00| seen| Telegram/kh0xj6excM3VwBIYzD6uHE-HWdkrsujpW6XwIw4eoFFjsY...

CVE-2025-8672

Removed by vendor...

CVE-2025-8672 TCC Bypass via Inherited Permissions in Bundled Interpreter in GIMP.app

MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the application...

CVE-2014-8672

Cross-site scripting XSS vulnerability in the RewardingYourself application for Android and BlackBerry OS allows remote attackers to inject arbitrary web script or HTML via a crafted QR code...

Linux Distros Unpatched Vulnerability : CVE-2019-8672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3,...

CVE-2024-8672 Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution

The Widget Options – The 1 WordPress Widget & Block Control Plugin plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.0.7 via the display logic functionality that extends several page builders. This is due to the plugin allowing users to supply inp...

CVE-2024-8672 Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution

The Widget Options – The 1 WordPress Widget & Block Control Plugin plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.0.7 via the display logic functionality that extends several page builders. This is due to the plugin allowing users to supply inp...

WordPress Widget Options Plugin <= 4.0.7 is vulnerable to Remote Code Execution (RCE)

Software Widget Options Type Plugin Vulnerable versions = 4.0.7 Fixed in 4.0.8 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-8672 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 44c40aa090ca Credits Webbernaut Required privilege...

SUSE CVE-2019-8672

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may...

Mageia: Security Advisory (MGASA-2019-0281)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:2345-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-8672

creationtimestamp| type| source ---|---|--- 2021-02-03 00:55:45+00:00| seen| https://t.me/cibsecurity/22979...

CVE-2020-8672

Out of bound read in BIOS firmware for 8th, 9th Generation IntelR CoreTM, IntelR CeleronR Processor 4000 Series Processors may allow an unauthenticated user to potentially enable elevation of privilege or denial of service via local access...

CVE-2020-8672

CVE-2020-8672 describes an out-of-bounds read in BIOS firmware for 8th/9th Gen Intel Core and Intel Celeron 4000 Series processors that may allow an unauthenticated local attacker to elevate privileges or cause a denial of service. The vulnerability is documented in Intel’s BIOS advisory (INTEL-S...

Intel BIOS Advisory

Summary: Potential security vulnerabilities in BIOS firmware for multiple Intel Platforms may allow escalation of privilege, denial of service and/or information disclosure. Intel is releasing BIOS updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2020-8672...

Apple Multiple Products Memory Corruption (CVE-2019-8672)

A memory corruption vulnerability exists in Apple. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:2208-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...