23 matches found
CVE-2026-20104
A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches could allow an authenticated, local...
CVE-2024-20104
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772...
CVE-2025-20104
Race condition in some Administrative Tools for some IntelR Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-20104
Race condition in some Administrative Tools for some IntelR Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-20104
Race condition in some Administrative Tools for some IntelR Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-20104
CVE-2025-20104 describes a race condition in Intel Network Adapters software, specifically affecting Intel Network Adapters package and Administrative Tools for Intel Network Adapters before version 29.4. The underlying issue allows an authenticated local user to potentially escalate privileges. ...
CVE-2017-20104
A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWASID leads to sql injection Time. The attack can be initiated remotely. The exploit has been disclosed to th...
CVE-2024-20104
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772...
CVE-2023-37325
D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows network-adjacent attackers to make unauthorized changes to device configuration on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-37325 D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability
D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows network-adjacent attackers to make unauthorized changes to device configuration on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-37325
The CVE-2023-37325 issue affects the D-Link DAP-2622 DDP service, where a lack of authentication allows network-adjacent attackers to remotely modify wireless authentication settings and device configuration. Exploitation is possible without credentials and without user interaction, using the DDP...
CVE-2023-20104
creationtimestamp| type| source ---|---|--- 2023-03-03 18:34:33+00:00| seen| https://t.me/cibsecurity/59379...
CVE-2023-20104
A vulnerability in the file upload functionality of Cisco Webex App for Web could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input. An attacker could...
CVE-2018-20104
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none...
CVE-2017-20104 Simplessus Cookie Time sql injection
A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWASID leads to sql injection Time. The attack can be initiated remotely. The exploit has been disclosed to th...
CVE-2017-20104 Simplessus Cookie Time sql injection
A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWASID leads to sql injection Time. The attack can be initiated remotely. The exploit has been disclosed to th...
CVE-2022-20104
creationtimestamp| type| source ---|---|--- 2022-05-04 00:34:32+00:00| seen| https://t.me/cibsecurity/41862...
CVE-2022-20104
In aee daemon, there is a possible information disclosure due to improper access control. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Issue ID: ALPS06284104...
CVE-2022-20104
CVE-2022-20104 affects the aee daemon with an information-disclosure vulnerability caused by improper access control. The issue allows local disclosure without extra execution privileges and does not require user interaction. Patch ALPS06419017 (Issue ALPS06284104) is noted; no other remediation ...
CVE-2021-20104
MachForm prior to version 16 is vulnerable to unauthenticated remote code execution due to insufficient sanitization of file attachments uploaded with forms through upload.php. Affected software: MachForm