CVE-2025-13022

creationtimestamp| type| source ---|---|--- 2026-04-13 17:59:41+00:00| seen| Telegram/oO774kvwIB8daNH9tl28ZNHNLpZ-tzMTZMRdZwVl3XAtyg 2026-04-13 17:59:50+00:00| seen| Telegram/v-1AydXySxiNxE6SaFVPXOMgwh9lcyinlmzJXhWqHW4...

Mozilla Thunderbird Security Update (mfsa_2025-90) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Linux Distros Unpatched Vulnerability : CVE-2025-13022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145. CVE-2025-13022 Note that Nessu...

CVE-2025-13022

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145...

CVE-2024-13022

A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This affects the function UploadResponse of the file src/main/java/com/tarzan/cms/modules/admin/controller/common/UploadController.java of the component Article Management. The manipulation of the argument fi...

CVE-2019-13022

Bond JetSelect all versions has an issue in the Java class ENCtool.jar and corresponding password generation algorithm used to set initial passwords upon first installation. It XORs the plaintext into the 'encrypted' password that is then stored within the database. These steps are able to be...

Linux Distros Unpatched Vulnerability : CVE-2017-13022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ipprintroute. CVE-2017-13022 Note that Nessus relies on the presence of the package a...

CVE-2024-13022

A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This affects the function UploadResponse of the file src/main/java/com/tarzan/cms/modules/admin/controller/common/UploadController.java of the component Article Management. The manipulation of the argument fi...

CVE-2024-13022

creationtimestamp| type| source ---|---|--- 2024-12-29 20:04:54+00:00| seen| https://infosec.exchange/users/cve/statuses/113737904535445026 2024-12-29 20:15:24+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lehthkpx3622 2024-12-29 21:34:18+00:00| seen|...

CVE-2024-13022 taisan tarzan-cms Article Management UploadController.java UploadResponse unrestricted upload

A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This affects the function UploadResponse of the file src/main/java/com/tarzan/cms/modules/admin/controller/common/UploadController.java of the component Article Management. The manipulation of the argument fi...

CVE-2024-13022

CVE-2024-13022 affects taisan tarzan-cms 1.0.0, specifically the UploadResponse function in UploadController.java (Article Management). The vulnerability arises from manipulation of the file argument, enabling unrestricted uploads and allowing remote initiation. Multiple connected reports confirm...

CVE-2024-13022 taisan tarzan-cms Article Management UploadController.java UploadResponse unrestricted upload

A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This affects the function UploadResponse of the file src/main/java/com/tarzan/cms/modules/admin/controller/common/UploadController.java of the component Article Management. The manipulation of the argument fi...

CVE-2020-13022

...

CVE-2020-13022

CVE-2020-13022 is rejected/not used per initial description; this entry does not represent an active vulnerability.

CVE-2019-13022

creationtimestamp| type| source ---|---|--- 2020-05-14 20:34:31+00:00| seen| https://t.me/cibsecurity/12075 2020-05-14 21:04:25+00:00| seen| https://t.me/cibsecurity/12077 2020-05-14 23:29:29+00:00| seen| https://t.me/VulnerabilityNews/14583...

Design/Logic Flaw

The administrative passwords for all versions of Bond JetSelect are stored within an unprotected file on the filesystem, rather than encrypted within the MySQL database. This backup copy of the passwords is made as part of the installation script, after the administrator has generated a password...

CVE-2019-13022

Bond JetSelect (all versions) has a vulnerability in ENCtool.jar password generation where the plaintext password is XORed into an “encrypted” value stored in the database, making the initial admin passwords trivially reversible and enabling privilege escalation to modify/delete networking config...

CVE-2018-13022

The Xiaomi Mi Router 3 (firmware version 2.22.15) is affected by a cross-site scripting (XSS) vulnerability in the API 404 page. The issue enables an attacker to inject and execute arbitrary JavaScript by supplying a crafted URL path. Public references across CNVD/CVE records confirm the same des...

CVE-2017-13022

The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ipprintroute...

CVE-2017-13022

tcpdump has a buffer over-read in print-ip.c:ip_printroute() (CVE-2017-13022). Debian's DSA-3971-1 and related advisories indicate the fix is in tcpdump 4.9.2 (and backported for various releases). Systems using tcpdump prior to 4.9.2 should upgrade to 4.9.2 or later to mitigate. The Debian advis...