CVE-2025-20727

In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

CVE-2025-20727

creationtimestamp| type| source ---|---|--- 2025-10-21 16:21:18+00:00| seen| https://bsky.app/profile/buherator.bsky.social/post/3m3pqfik6ss2g 2025-11-04 07:31:57+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m4rzdtjapn24...

CVE-2021-20727

Cross-site scripting vulnerability in Zettlr from 0.20.0 to 1.8.8 allows an attacker to execute an arbitrary script by loading a file or code snippet containing an invalid iframe into Zettlr...

CVE-2023-44418

D-Link DIR-X3260 Prog.cgi Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is not required to exploit this vulnerability. The specifi...

CVE-2023-44418 D-Link DIR-X3260 Prog.cgi Heap-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-X3260 Prog.cgi Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is not required to exploit this vulnerability. The specifi...

CVE-2024-20727

creationtimestamp| type| source ---|---|--- 2024-02-15 14:27:07+00:00| seen| https://t.me/ctinow/185548...

CVE-2024-20727

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-20727 [TianfuCup] out-of-bounds access vulnerability when parsing jpeg2000

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-20727

CVE-2024-20727 affects Adobe Acrobat Reader DC (Continuous and Classic) across Windows and macOS. It describes an out-of-bounds write vulnerability in parsing JPEG2000 that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim mu...

CVE-2024-20727 [TianfuCup] out-of-bounds access vulnerability when parsing jpeg2000

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Adobe Reader Classic 2020 Security Update (APSB24-07) - Windows

Adobe Acrobat Reader Classic 2020 Continuous is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2023-20727

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588531; Issue ID: ALPS07588531...

CVE-2023-20727

CVE-2023-20727 affects the wlan component in MediaTek chips, with an out-of-bounds read caused by a missing bounds check. According to the records, this may lead to local information disclosure and potentially system-level execution privileges, with no user interaction required. Exploitation deta...

CVE-2022-20727

Cisco IOx Application Hosting Environment vulnerability CVE-2022-20727 involves an in-application privilege-escalation flaw. The authenticated, local attacker can exploit improper input validation to modify application content while loading and gain root privileges on the underlying host OS. Affe...

CVE-2022-20727 Cisco IOx Application Hosting Environment Vulnerabilities

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...

CVE-2021-20727

Cross-site scripting vulnerability in Zettlr from 0.20.0 to 1.8.8 allows an attacker to execute an arbitrary script by loading a file or code snippet containing an invalid iframe into Zettlr...

CVE-2021-20727

CVE-2021-20727 (Zettlr) is a cross-site scripting vulnerability in Zettlr versions from 0.20.0 through 1.8.8. The root cause is the ability to execute arbitrary script when a file or code snippet containing an invalid iframe is loaded into Zettlr, enabling the execution of injected HTML/script in...

CVE-2019-20727

This CVE (CVE-2019-20727) affects multiple NETGEAR devices. The vulnerability is a command injection issue triggered by an authenticated user, with affected models including D6100 (≤1.0.0.63), R7800 (≤1.0.2.52), R8900 (≤1.0.4.2), R9000 (≤1.0.4.2), WNDR3700v4 (≤1.0.2.102), WNDR4300v1 (≤1.0.2.104),...

CVE-2018-20727

CVE-2018-20727 affects NeDi prior to 1.7Cp3. The vulnerability allows authenticated users to perform server-side command execution via user-controlled parameters: flt (Nodes-Traffic.php), dv (Devices-Graph.php), or tit (drawmap.php). This is a command-injection flaw arising from insufficient inpu...