10 matches found
CVE-2022-20514
In acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator of Idmap2Service.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction i...
CVE-2022-20514
creationtimestamp| type| source ---|---|--- 2025-04-21 14:01:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12644...
CVE-2019-20514
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the address/ URI...
CVE-2024-20514
creationtimestamp| type| source ---|---|--- 2024-11-06 19:10:57+00:00| seen| https://t.me/cvedetector/10032 2024-11-07 14:20:08+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113442108664352339 2024-11-07 14:20:08+00:00| seen|...
CVE-2022-20514
In acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator of Idmap2Service.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction i...
CVE-2022-20514
CVE-2022-20514 affects Android 13 and is tied to the Idmap2Service.cpp code path. The issue is an out-of-bounds write caused by a use-after-free in acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator, which could enable local escalation of privilege ...
CVE-2020-20514
CVE-2020-20514 describes a Cross-Site Request Forgery (CSRF) in Maccms v10. The vulnerability is triggered via the URL path admin.php/admin/admin/del/ids/.html and, when exploited by an authenticated attacker, can cause deletion of all users. Documents consistently reference Maccms v10 and the sa...
CVE-2019-20514
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the address/ URI...
CVE-2019-20514
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the address/ URI...
CVE-2019-20514
CVE-2019-20514 affects ERPNext 11.1.47 with a reflected XSS vulnerability via PATH_INFO to the /address/ URI. The root cause is inadequate validation of PATH_INFO, enabling injection of client-side script. Reported impact ranges across sources (CVSS data vary: up to high severity in some vectors)...