25 matches found
CVE-2025-68974
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion. This issue affects WordPress Social Login and Register: from n/a through =...
CVE-2025-66359
An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components lead to a cross-site scripting (XSS) vulnerability...
OpenSMTPD 7.7.0 DoS Vulnerability
OpenSMTPD is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openbsd:opensmtpd";...
EUVD-2019-5244
Malware in sbrugna...
EUVD-2020-28151
Malware in sbrugna...
PT-2025-33335
Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Management Center (FMC) Software versions 7.0.7 and 7.7.0 Description: A vulnerability exists in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software that could allow an unauthenticated...
CVE-2023-30955
A security defect was identified in Foundry workspace-server that enabled a user to bypass an authorization check and view settings related to 'Developer Mode'. This enabled users with insufficient privilege the ability to view and interact with Developer Mode settings in a limited capacity. A fi...
CVE-2024-9945
An information-disclosure vulnerability exists in Fortra's GoAnywhere MFT application prior to version 7.7.0 that allows external access to the resources in certain admin root folders...
PT-2023-21399 · Shapeshift · Keepkey
Name of the Vulnerable Software and Affected Versions: ShapeShift KeepKey hardware wallet versions prior to 7.7.0 Description: The issue is related to insufficient length checks in the firmware, allowing a global buffer overflow via crafted messages. Flaws in the cf confirmExecTx function in...
Atlassian Jira 7.7.0 < 7.13.9 Information Disclosure In Comment Restriction Feature
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.0. It is, therefore, affected by a vulnerability which permits remote attackers to view sensitive information via an Information Disclosure vulnerability in the comment...
CVE-2022-42898 affecting package heimdal 7.7.0-5
CVE-2022-42898 affecting package heimdal 7.7.0-5. An upgraded version of the package is available that resolves this issue...
CVE-2022-44640 affecting package heimdal 7.7.0-5
CVE-2022-44640 affecting package heimdal 7.7.0-5. An upgraded version of the package is available that resolves this issue...
Design/Logic Flaw
The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because of weak permissions on the installation directory...
Wordpress Ithemes Security Plugin Handles Logic Error Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in Wordpress Ithemes Security Plugin versions prior to 7.7.0, which...
Elastic Elasticsearch Privilege Escalation Vulnerability (ESA-2020-07)
Elasticsearch is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Information disclosure
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view sensitive information via an Information Disclosure vulnerability in the comment restriction feature. The affected versions are before version 7.6.17, from version 7.7.0 before 7.13.9, and from version 8.0.0...
Elastic Kibana 6.7.0 < 6.8.9, 7.x <= 7.6.2 Prototype Pollution Vulnerability - Linux
Kibana is prone to a prototype pollution vulnerability in the Upgrade Assistant. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Elastic App Search Cross-Site Scripting Vulnerability
Elastic App Search is a powerful set of APIs and developer tools from Elastic designed for developers to build rich, user-oriented search applications. Elastic App Search versions prior to 7.7.0 have a cross-site scripting vulnerability in the Reference UI that displays document URLs. If the...
Elasticsearch Kibana Code Injection Vulnerability
Elasticsearch Kibana is a suite of open source, browser-based analytics and search Elasticsearch dashboard tools from Elasticsearch Netherlands. A code injection vulnerability exists in TSVB in Elasticsearch Kibana versions prior to 6.8.9 and prior to 7.7.0. An attacker can exploit this...