Fedora 44 : 7zip (2025-b5a4903ea0)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-b5a4903ea0 advisory. Automatic update for 7zip-25.01-1.fc44. Changelog Wed Nov 26 2025 Michel Lind - 25.01-1 - Update to 25.01 - 25.00+ fixes CVE-2025-11001; Resolves: rhbz241601...

Linux Distros Unpatched Vulnerability : CVE-2019-16197

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In htdocs/societe/card.php in Dolibarr 10.0.1, the value of the User-Agent HTTP header is copied into the HTML document as plain text between tags, leading to...

Privilege Escalation

cocotais-bot is vulnerable to Privilege Escalation. The vulnerability is due to improper sanitization and permission validation in the command echoing feature, which allows user-supplied input to be interpreted as privileged commands...

CVE-2025-47948

Cocotais Bot is a QQ official robot framework based on qq-bot-sdk. Starting in version 1.5.0-test2-hotfix and prior to version 1.6.2, command echoing feature in the framework allows users to indirectly trigger privileged behavior by injecting special platform tags. Specifically, an unauthorized...

CVE-2025-47948 Cocotais Bot has builtin .echo command injection

Cocotais Bot is a QQ official robot framework based on qq-bot-sdk. Starting in version 1.5.0-test2-hotfix and prior to version 1.6.2, command echoing feature in the framework allows users to indirectly trigger privileged behavior by injecting special platform tags. Specifically, an unauthorized...

CVE-2018-12234

A Reflected Cross Site Scripting XSS Vulnerability was discovered in Adrenalin 5.4.0 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the flexiportal/GeneralInfo.aspx strAction parameter...

WordPress F/T/G Social Widgets 1.3.7 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Title: WordPress 'Facebook, Twitter & Google+ Social Widgets' Plugin Version: 1.3.7 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-15 Download: - https://wordpress.org/plugins/facebook-twitter-google-social-widgets/ -...

Command injection

Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command line, which allows local users to obtain sensitive information by listing the process and its arguments, related to "echoing."...

CVE-2010-0119

Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command line, which allows local users to obtain sensitive information by listing the process and its arguments, related to "echoing."...