20 matches found
CVE-2026-13915
CVE-2026-13915 affects Chrome for iOS (Google Chrome on iOS) prior to version 150.0.7871.47. The vulnerability is described as a use-after-free that could lead to heap corruption when a remote attacker convinces a user to perform specific UI gestures on a crafted HTML page. Impact details in the ...
Critical CVSS 9.8 Flaw Found in IBM API Connect Authentication System
IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915 , is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system. It has been described as an authentication...
CVE-2025-13915
creationtimestamp| type| source ---|---|--- 2025-12-26 14:43:19+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115786396429197847 2025-12-26 15:44:10+00:00| seen| https://infosec.exchange/users/vuldb/statuses/115786635668538679 2025-12-27 06:04:12+00:00| seen|...
CVE-2025-13915 Authentication bypass in IBM API Connect
IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application...
Security Bulletin: Authentication bypass in IBM API Connect
Summary Internal testing has revealed a potential authentication bypass in IBM API Connect Vulnerability Details CVEID:CVE-2025-13915 DESCRIPTION: IBM API Connect could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application. CWE:CWE-305:...
CVE-2024-13915
Android based smartphones from vendors such as Ulefone and Krüger contain "com.pri.factorytest" application preloaded onto devices during manufacturing process. The application "com.pri.factorytest" version name: 1.0, version code: 1 exposes a ”com.pri.factorytest.emmc.FactoryResetService“ servic...
CVE-2024-13915
creationtimestamp| type| source ---|---|--- 2025-05-30 16:29:10+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqfnoti27oe2 2025-05-30 20:06:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqfzsqmajr2q 2025-06-02...
CVE-2024-13915
Android based smartphones from vendors such as Ulefone and Krüger&Matz contain "com.pri.factorytest" application preloaded onto devices during manufacturing process. The application "com.pri.factorytest" version name: 1.0, version code: 1 exposes a ”com.pri.factorytest.emmc.FactoryResetService“...
CVE-2024-13915 Unrestricted Access to Exported Service in com.pri.factorytest
Android based smartphones from vendors such as Ulefone and Krüger&Matz contain "com.pri.factorytest" application preloaded onto devices during manufacturing process. The application "com.pri.factorytest" version name: 1.0, version code: 1 exposes a ”com.pri.factorytest.emmc.FactoryResetService“...
CVE-2020-13915
Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n,...
CVE-2019-13915
b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. ...
CVE-2017-13915
creationtimestamp| type| source ---|---|--- 2023-09-14 22:30:48+00:00| seen| https://t.me/cibsecurity/70483...
CVE-2017-13915
Rejected reason: This candidate is unused by its CNA...
CVE-2018-13915
CVE-2018-13915 is rejected/not used; this candidate number was not assigned to any issue.
CVE-2020-13915
creationtimestamp| type| source ---|---|--- 2020-07-28 18:55:28+00:00| seen| https://t.me/cibsecurity/13696...
CVE-2020-13915
Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n,...
CVE-2020-13915
CVE-2020-13915 concerns Ruckus Wireless Unleashed firmware versions affecting a broad range of devices (e.g., C110, E510, H320, H510, M510, R320, R310, R500, R510/R600, R610, R710, R720, R750, T300, T301n/s, T310c/d/n/s, T610, T710/ T710s). The root cause is insecure permissions in emfd/libemf, e...
CVE-2019-13915
b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. ...
CVE-2019-13915
CVE-2019-13915 : In b3log Wide, prior to version 1.6.0, three attack types enable arbitrary file read/write. 1) An attacker can insert and run code in the editor about three times to read an arbitrary file. 2) An attacker can create a symlink and place it in a ZIP archive; an unzip operation gran...
CVE-2017-13915
CVE-2017-13915 entry is rejected/not used by its CNA.