16 matches found
CVE-2026-14127
creationtimestamp| type| source ---|---|--- 2026-07-02 01:39:51+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmvl6ve752u 2026-07-02 08:18:50+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702...
CVE-2026-14127
Inappropriate implementation in Printing in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14127
CVE-2026-14127 involves an inappropriate implementation in Chrome’s printing flow prior to 150.0.7871.47. A remote attacker who already had code execution in the renderer could trigger UI spoofing via a crafted HTML page. Affected product is Google Chrome (Chromium-based); impact described as low...
WordPress Testimonial Master plugin <= 0.2.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability
Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Testimonial Master versions = 0.2.1...
CVE-2020-14127
creationtimestamp| type| source ---|---|--- 2022-07-14 18:32:46+00:00| seen| https://t.me/cibsecurity/46250...
CVE-2020-14127
A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by heap overflow and can be exploited by attackers to make remote denial of service...
CVE-2020-14127
CVE-2020-14127 affects Xiaomi devices (e.g., Redmi K40, Redmi Note 10 Pro) running MIUI prior to 2022-07-01. The vulnerability arises from a heap overflow in the affected software, allowing an attacker to trigger remote denial-of-service. No exploit details are provided in the sources; remediatio...
SUSE: Security Advisory (SUSE-SU-2019:14127-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-14127
Possible buffer overflow while playing mkv clip due to lack of validation of atom size buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064,...
CVE-2019-14127
CVE-2019-14127 : A possible buffer overflow during MKV playback due to improper validation of the atom size buffer in Qualcomm Snapdragon video paths (Snapdragon Auto/Compute/Consumer IoT/Industrial IoT/Mobile/Wearables, etc.) affecting a wide range of Snapdragon families (APQ, MDM, MSM, Nicobar/...
CVE-2019-14127
Possible buffer overflow while playing mkv clip due to lack of validation of atom size buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064,...
VulnCheck KEV: CVE-2017-14127
Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OIFwv7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mntping.cgi...
Command injection
An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Command Injection in the Ping module in the Web Interface in OIFwV20 allows remote attackers to execute arbitrary OS commands in the pingAddr parameter to mntping.cgi. NOTE: This ma...
CVE-2019-18396
CVE-2019-18396 affects Technicolor TD5130v2 devices running OI_Fw_V20. A command injection exists in the Ping module of the Web Interface via the pingAddr parameter to mnt_ping.cgi, enabling remote attackers to execute arbitrary OS commands. Public details show an example payload in POST /mnt_pin...
CVE-2017-14127
Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OIFwv7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mntping.cgi...
CVE-2017-14127
CVE-2017-14127 is a command-injection vulnerability in the Ping Module of the Technicolor TD5336 TD5336 OI_Fw_v7 device web interface. The issue allows remote attackers to execute arbitrary OS commands as root by injecting shell metacharacters into the pingAddr parameter sent to mnt_ping.cgi. Pub...