12 matches found
CVE-2025-13770
creationtimestamp| type| source ---|---|--- 2025-11-28 10:59:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6oq4laqwd2k...
CVE-2025-13770
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2020-13770
Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITY\SYSTEM’, the issue can be used to escalate privileges from a local standard or service account having...
CVE-2024-13770
The Puzzles | WP Magazine / Review with Store WordPress Theme + RTL theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2.4 via deserialization of untrusted input 'viewmoreposts' AJAX action. This makes it possible for unauthenticated attackers to...
CVE-2020-13770
creationtimestamp| type| source ---|---|--- 2025-01-27 15:51:52+00:00| seen| https://t.me/CyberSecurityTechnologies/2098...
CVE-2021-41538
A vulnerability has been identified in NX 1953 Series All versions V1973.3700, NX 1980 Series All versions V1988, Solid Edge SE2021 All versions SE2021MP8. The affected application is vulnerable to information disclosure by unexpected access to an uninitialized pointer while parsing user-supplied...
Information disclosure
A vulnerability has been identified in NX 1953 Series All versions V1973.3700, NX 1980 Series All versions V1988, Solid Edge SE2021 All versions SE2021MP8. The affected application is vulnerable to information disclosure by unexpected access to an uninitialized pointer while parsing user-supplied...
CVE-2021-41538
CVE-2021-41538 : Siemens Solid Edge/NX OBJ parsing uninitialized pointer information disclosure. Affected products and versions include: NX 1953 Series (all versions < V1973.3700) and NX 1980 Series (all versions < V1988); Solid Edge SE2021 (all versions = V1973.3700, NX 1980 >= V1988, a...
CVE-2020-13770
Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITY\SYSTEM’, the issue can be used to escalate privileges from a local standard or service account having...
CVE-2020-13770
CVE-2020-13770 affects Ivanti Endpoint Manager (version ~2020.1.1) where several services run as SYSTEM access named pipes with default/overly permissive security attributes. This can allow privilege escalation from a local account that has SeImpersonatePrivilege (e.g., NETWORK SERVICE). The conn...
CVE-2020-13770
Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITY\SYSTEM’, the issue can be used to escalate privileges from a local standard or service account having...
CVE-2018-13770
Summary (CVE-2018-13770) : The mintToken function of a smart contract implementation for UltimateCoin (Ethereum token) contains an integer overflow that lets the contract owner set any user’s balance to an arbitrary value. This indicates a vulnerability in the token contract’s arithmetic handling...