CVE-2026-20149
A vulnerability in Cisco Webex could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Cisco has addressed this vulnerability, and no customer action is needed. This vulnerability was due to improper filtering of user-supplied input. Prior to this...
Linux Distros Unpatched Vulnerability : CVE-2019-20149
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by...
CVE-2022-20149
Product: Android; Versions: Android kernel; Android ID: A-211685939; References: N/A...
CVE-2021-20149
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN interface. The default iptables ruleset for governing access to services on the device applies only to IPv4. All services running on the devices are accessible via the WAN interface via IPv6 by default...
Azure Linux 3.0 Security Update: js-jquery (CVE-2019-20149)
The version of js-jquery installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-20149 advisory. - ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attribute...
CVE-2024-20149
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01231341 / MOLY01263331 / MOLY01233835; Issue ID: MSV-2165...
CVE-2024-20149
CVE-2024-20149 affects the Modem component, with an input validation flaw that can cause a remote denial of service (no privileges, no user interaction needed). The vulnerability is associated with a network-based attack vector and a high impact on availability (CVSS 3.1 base score 7.5). Affected...
CBL Mariner 2.0 Security Update: js-jquery (CVE-2019-20149)
The version of js-jquery installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-20149 advisory. - ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attribute...
CVE-2019-20149 affecting package js-jquery for versions less than 3.5.0-4
CVE-2019-20149 affecting package js-jquery for versions less than 3.5.0-4. A patched version of the package is available...
CVE-2019-20149
creationtimestamp | type | source
---|---|---
2024-03-18 15:46:29+00:00 | seen | https://t.me/ctinow/210666
2026-02-20 13:38:22+00:00 | seen | https://www.acn.gov.it/portale/w/aggiornamenti-di-sicurezza-prodotti-atlassian...
MikroTik RouterOS Out-of-bounds Write (CVE-2017-20149)
The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. An attacker can use this vulnerability to execute arbitrary code on t...
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...
CVE-2023-20149
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due t...
CVE-2023-20149
The CVE-2023-20149 entry concerns Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers. Affected component: the web-based management interface. Root cause: insufficient input validation enables cross-site scripting (XSS). Impact: unauthenticated, remote attacker can craft HT...
CVE-2017-20149
creationtimestamp | type | source
---|---|---
2022-10-15 07:29:23+00:00 | exploited | https://t.me/cibsecurity/51523
2026-01-20 08:59:41+00:00 | seen | https://mastodon.social/users/hrbrmstr/statuses/115926602786770030...
CVE-2017-20149
The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. An attacker can use this vulnerability to execute arbitrary code on t...
CVE-2017-20149
CVE-2017-20149 affects MikroTik RouterOS web server. A remote, unauthenticated attacker can trigger memory corruption via a crafted HTTP request, enabling arbitrary code execution on affected devices. Vulnerable versions: Stable before 6.38.5 and Long-term before 6.37.5 (Chimay-Red). Exploited in...