CVE-2026-8754

creationtimestamp| type| source ---|---|--- 2026-05-17 04:16:46+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-8754 2026-05-17 14:48:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm2m66jrkb2v...

Linux Distros Unpatched Vulnerability : CVE-2024-8754

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. An improper inp...

MAL-2025-8754 Malicious code in @malware-test-later-pupas-moxas-merls/test-mlw3-later-pupas-moxas-merls (npm)

The package @malware-test-later-pupas-moxas-merls/test-mlw3-later-pupas-moxas-merls was found to contain malicious code...

CVE-2020-8754

Out-of-bounds read in subsystem for IntelR AMT, IntelR ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access...

CVE-2024-8754

creationtimestamp| type| source ---|---|--- 2024-09-12 19:47:59+00:00| seen| https://t.me/cvedetector/5497...

CVE-2024-8754 External Control of Critical State Data in GitLab

An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. An improper input validation error allows attacker to squat on accounts via linking arbitrary unclaimed provider identities when JWT authentication is...

CVE-2024-8754 External Control of Critical State Data in GitLab

An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. An improper input validation error allows attacker to squat on accounts via linking arbitrary unclaimed provider identities when JWT authentication is...

GitLab 16.9.7 < 17.1.7 / 17.2 < 17.2.5 / 17.3 < 17.3.2 (CVE-2024-8754)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. An improper input validation error allows attacker to...

CGA-8754-5H8X-2Q8Q

Bulletin has no description...

Intel Active Management Technology Multiple Vulnerabilities (INTEL-SA-00391)

Intel Active Management Technology AMT is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2020-8754

creationtimestamp| type| source ---|---|--- 2020-11-12 20:32:07+00:00| seen| https://t.me/cibsecurity/16232...

CVE-2020-8754

Out-of-bounds read in subsystem for IntelR AMT, IntelR ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access...

CVE-2020-8754

Intel AMT/ISM subsystem contains an out-of-bounds read vulnerability (CVE-2020-8754) that could allow unauthenticated information disclosure over the network. Affected versions include Intel AMT/ISM before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45. Intel’s advisory and vendor advisories in...

CVE-2019-8754

CVE-2019-8754 describes a cross-origin iframe issue in macOS components. The root cause is a cross-origin security origins tracking flaw that could allow a malicious HTML document to render iframes containing sensitive user information. Apple patched this in macOS Catalina 10.15.1 and Security Up...

Debian DSA-4160-1 : libevt - security update

It was discovered that insufficient input sanitising in libevt, a library to access the Windows Event Log EVT format, could result in denial of service if a malformed EVT file is processed. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

Debian: Security Advisory (DSA-4160-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-8754

The libevtrecordvaluesreadevent function in libevtrecordvalues.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub...

CVE-2018-8754

CVE-2018-8754 concerns the libevt library (Windows Event Log EVT format). The issue arises in the function libevt_record_values_read_event() in libevt_record_values.c, prior to 2018-03-17, where there is insufficient validation for out-of-bounds values of user SID data size, strings size, or data...

Security feature bypass

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page containing malicious content, due to the way that the Edge Content Security Policy CSP validates certain specially crafted documents, aka "Microsoft Edge...

CVE-2017-8754

Technical details for CVE-2017-8754 are not publicly available in the provided documents. Connected sources do not specify affected products, root cause, impact, or fixes. Monitor for updates from authoritative advisories.