CVE-2026-20034

creationtimestamp| type| source ---|---|--- 2026-05-06 17:22:16+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml77nupzno2f 2026-05-06 17:23:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml77pbe23t2k 2026-05-06 19:30:10+00:00| seen|...

CVE-2016-20034

creationtimestamp| type| source ---|---|--- 2026-03-19 16:20:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mhgfsmtmbz2e...

CVE-2016-20034

Wowza Streaming Engine 4.5.0 contains a privilege escalation vulnerability that allows authenticated read-only users to elevate privileges to administrator by manipulating POST parameters. Attackers can send POST requests to the user edit endpoint with accessLevel set to 'admin' and advUser...

AlmaLinux 8 : libtiff (ALSA-2025:20034)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:20034 advisory. libtiff: LibTIFF Use-After-Free Vulnerability CVE-2025-8176 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

CVE-2024-20034

In battery, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08488849; Issue ID: ALPS08488849...

CVE-2022-20034

In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for...

CVE-2021-20034

An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings...

CVE-2025-20034

Improper input validation in the BackupBiosUpdate UEFI firmware SmiVariable driver for the IntelR Server D50DNP and M50FCP boards before version R01.02.0003 may allow a privileged user to potentially enable information disclosure via local access...

CVE-2025-20034

The CVE-2025-20034 issue affects Intel Server Board D50DNP and M50FCP UEFI firmware, specifically the BackupBiosUpdate SmiVariable driver. The root cause is improper input validation in this driver, prior to version R01.02.0003, which may allow a privileged local user to cause information disclos...

CVE-2025-20034

Improper input validation in the BackupBiosUpdate UEFI firmware SmiVariable driver for the IntelR Server D50DNP and M50FCP boards before version R01.02.0003 may allow a privileged user to potentially enable information disclosure via local access...

CVE-2025-20034

Improper input validation in the BackupBiosUpdate UEFI firmware SmiVariable driver for the IntelR Server D50DNP and M50FCP boards before version R01.02.0003 may allow a privileged user to potentially enable information disclosure via local access...

CVE-2023-39501 PDF-XChange Editor OXPS File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

PDF-XChange Editor OXPS File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the targ...

CVE-2023-39501

PDF-XChange Editor is affected by an OXPS file parsing vulnerability caused by dereferencing an unvalidated user-supplied value, enabling remote code execution when a user opens a malicious OXPS file or visits a malicious page. The flaw, described by ZDI as ZDI-23-1135, requires user interaction ...

CVE-2024-20034

creationtimestamp| type| source ---|---|--- 2024-03-04 04:32:15+00:00| seen| https://t.me/ctinow/198992...

CVE-2024-20034

CVE-2024-20034 affects MediaTek battery module, with a missing bounds check that could enable local privilege escalation to System level. The vulnerability relies on no user interaction and has a network-style CVSS base with high impact across confidentiality, integrity, and availability, though ...

CVE-2023-20034

creationtimestamp| type| source ---|---|--- 2023-09-27 22:36:15+00:00| seen| https://t.me/cibsecurity/71150...

CVE-2023-20034

CVE-2023-20034 affects Cisco SD-WAN vManage (Elasticsearch component). The issue arises from a static username/password configured on vManage, enabling an unauthenticated, remote attacker to access the Elasticsearch configuration database and view its content by sending a crafted HTTP request to ...

CVE-2017-20034

creationtimestamp| type| source ---|---|--- 2022-06-10 14:37:28+00:00| seen| https://t.me/cibsecurity/44161...

CVE-2017-20034

A vulnerability classified as problematic was found in PHPList 3.2.6. This vulnerability affects unknown code of the file /lists/admin/ of the component List Name. The manipulation leads to cross site scripting Persistent. The attack can be initiated remotely. Upgrading to version 3.3.1 is able t...

CVE-2017-20034 PHPList List Name Persistent cross site scriting

A vulnerability classified as problematic was found in PHPList 3.2.6. This vulnerability affects unknown code of the file /lists/admin/ of the component List Name. The manipulation leads to cross site scripting Persistent. The attack can be initiated remotely. Upgrading to version 3.3.1 is able t...