33 matches found
CVE-2019-20088
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GetPayload in GPMFmp4reader.c...
CVE-2024-20088
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932099; Issue ID: MSV-1543...
CVE-2021-20088
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in mootools-more 1.6.0 allows a malicious user to inject properties into Object.prototype...
CVE-2017-20088
A vulnerability classified as problematic has been found in Atahualpa Theme. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely...
CVE-2025-20088 vulnerabilities
Vulnerabilities for packages: mattermost-fips...
Mattermost Server 9.11.x < 9.11.6 / 10.0.x < 10.0.4 / 10.1.x < 10.1.4 / 10.2.x < 10.2.1 DoS (MMSA-2025-00425)
The version of Mattermost Server installed on the remote host is 9.11.x prior to 9.11.6, 10.0.x prior to 10.0.4, 10.1.x prior to 10.1.4, or 10.2.x prior to 10.2.1. It is, therefore, affected by a denial of service vulnerability due to a failure to properly validate post props which allows a...
CVE-2025-20088 Insufficient Input Validation on Post Props
Mattermost versions 10.2.x = 10.2.0, 9.11.x = 9.11.5, 10.0.x = 10.0.3, 10.1.x = 10.1.3 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post...
CVE-2025-20088
CVE-2025-20088 affects Mattermost Server: vulnerable in Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x
CVE-2025-20088 Insufficient Input Validation on Post Props
Mattermost versions 10.2.x = 10.2.0, 9.11.x = 9.11.5, 10.0.x = 10.0.3, 10.1.x = 10.1.3 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post...
CVE-2023-37311
D-Link DAP-2622 DDP Set Device Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-37311 D-Link DAP-2622 DDP Set Device Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set Device Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-37311
DVE-2023-37311 affects D-Link DAP-2622 routers. The DDP service allows a stack-based buffer overflow on user-supplied data, enabling remote code execution with root privileges and no authentication. Public documentation consistently cites this as a stack-based overflow in the DDP Set Device Info ...
CVE-2023-37311 D-Link DAP-2622 DDP Set Device Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set Device Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2019-20088
creationtimestamp| type| source ---|---|--- 2024-03-18 10:12:00+00:00| seen| https://t.me/ctinow/210340...
CVE-2023-20088
creationtimestamp| type| source ---|---|--- 2023-03-03 18:34:34+00:00| seen| https://t.me/cibsecurity/59380...
CVE-2023-20088
The vulnerability CVE-2023-20088 affects Cisco Finesse’s VPN-less reverse proxy, where the nginx-based reverse proxy improperly filters IP addresses. An unauthenticated, remote attacker can send crafted requests via the load balancer to cause a denial of service (DoS) for current and new users, a...
Mootools-more 1.6.0 is use which is potential vulnerable to CVE-2021-20088
Description Mootools-more 1.6.0 is use which is potential vulnerable to CVE-2021-20088 Proof of Concept https://github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/mootools-more.md...
CVE-2017-20088
creationtimestamp| type| source ---|---|--- 2022-06-23 12:29:24+00:00| seen| https://t.me/cibsecurity/44965...
CVE-2017-20088
A vulnerability classified as problematic has been found in Atahualpa Theme. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely...
CVE-2017-20088
A vulnerability classified as problematic has been found in Atahualpa Theme. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely...