35 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-20153
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS. CVE-2018-201...
CVE-2019-20153
An issue was discovered in Determine formerly Selectica Contract Lifecycle Management CLM in v5.4. An XML external entity XXE vulnerability in the upload definition feature in definitionuploadattach.jsp allows authenticated remote attackers to read arbitrary files including configuration files...
CVE-2017-20153
A vulnerability has been found in aerouk imageserve and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument REQUESTURI leads to cross site scripting. The attack can be launched remotely. The complexity of an attack is rather high...
Linux Distros Unpatched Vulnerability : CVE-2022-20153
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In rcucblistdequeue of rcusegcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kerne...
CVE-2025-20153
A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device. This vulnerability is due to improper handling of email...
Cisco Secure Email Gateway Email Filter Bypass (cisco-sa-esa-mailpol-bypass-5nVcJZMw)
According to its self-reported version, Cisco Secure Email Gateway is affected by a vulnerability. - A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been...
CVE-2025-20153
A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device. This vulnerability is due to improper handling of email...
CVE-2025-20153
A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device. This vulnerability is due to improper handling of email...
CVE-2025-20153 Cisco ESA mail Bypass
A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device. This vulnerability is due to improper handling of email...
CVE-2024-20153
In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08990446 / ALPS09057442; Issue ID: MSV-1598...
CVE-2024-20153
creationtimestamp| type| source ---|---|--- 2025-01-06 04:02:56+00:00| seen| https://infosec.exchange/users/cve/statuses/113779420439136215 2025-01-06 04:15:50+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf2bl4uxz222 2025-01-06 04:42:52+00:00| seen|...
CVE-2024-20153
CVE-2024-20153 affects the WLAN STA module (MediaTek ecosystem) and describes a vulnerability where an attacker could coax a client to attach to an AP using a spoofed SSID, potentially causing remote information disclosure without extra privileges. Exploitation is stated as not requiring user int...
CVE-2024-20153
In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08990446 / ALPS09057442; Issue ID: MSV-1598...
CVE-2019-20153
creationtimestamp| type| source ---|---|--- 2024-03-19 14:46:39+00:00| seen| https://t.me/ctinow/211554...
CVE-2023-20153
Multiple vulnerabilities in specific Cisco Identity Services Engine ISE CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid...
CVE-2023-20153
Multiple vulnerabilities in specific Cisco Identity Services Engine ISE CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid...
CVE-2023-20153
Cisco Identity Services Engine (ISE) contains multiple command injection vulnerabilities in specific ISE CLI commands due to insufficient validation of user-supplied input. An authenticated local attacker with Administrator privileges can exploit crafted CLI commands to elevate privileges to root...
CVE-2023-20153 Cisco Identity Services Engine Command Injection Vulnerabilities
Multiple vulnerabilities in specific Cisco Identity Services Engine ISE CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid...
CVE-2017-20153
creationtimestamp| type| source ---|---|--- 2022-12-30 14:14:01+00:00| seen| https://t.me/cibsecurity/55551...
CVE-2017-20153
CVE-2017-20153 affects aerouk imageserve. The vulnerability arises from improper handling of the REQUEST_URI argument, enabling cross-site scripting (XSS) . Exploitation can be performed remotely; attack complexity is described as high, and functional impact includes potential script execution wi...