14 matches found
CVE-2025-15449
creationtimestamp| type| source ---|---|--- 2026-01-05 04:29:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mbnm2d4gqd22...
CVE-2025-15449
CVE-2025-15449 affects the JavaMall project, specifically the delete function in MinioController.java, where manipulating the objectName argument enables path traversal. This vulnerability can be exploited remotely; affected versions are before 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0. Multiple c...
CVE-2022-36977
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Certificate...
CVE-2019-15449
creationtimestamp| type| source ---|---|--- 2024-02-20 10:46:34+00:00| seen| https://t.me/ctinow/188333...
CVE-2022-36977
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Certificate...
Deserialization of untrusted data
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Certificate...
CVE-2022-36977
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Certificate...
CVE-2022-36977
CVE-2022-36977 affects Ivanti Avalanche 6.3.2.3490. The vulnerability lies in the Certificate Management Server service, where improper validation of untrusted input enables deserialization, allowing remote code execution in the service account context. Authentication is required but can be bypas...
CVE-2020-15449
...
CVE-2020-15449
CVE-2020-15449 is rejected/not used; this candidate does not represent an active vulnerability entry.
CVE-2019-15449
Consolidated details across multiple feeds show a vulnerability affecting Samsung S7 Edge on Android 8.0 (build samsung/hero2ltexx/hero2lte:8.0.0). A pre-installed component from the theme center (package com.samsung.android.themecenter, versionCode 7000000, versionName 7.0.0.0) permits other pre...
CVE-2018-15449
The CVE-2018-15449 issue affects Cisco Video Surveillance Media Server’s web-based management interface. It arises from insufficient validation of user-supplied input, enabling an unauthenticated, remote attacker to cause a DoS by enticing a user to click a malicious link, rendering the managemen...
CVE-2017-15449
...
CVE-2017-15449
This CVE entry is rejected/not used and does not represent an active vulnerability.