CVE-2024-20754

creationtimestamp| type| source ---|---|--- 2024-03-18 19:26:59+00:00| seen| https://t.me/ctinow/210862...

CVE-2024-20754

Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses a search path to locate critical resources such as programs, then an attacker could modify...

CVE-2024-20754

Adobe Lightroom Desktop

CVE-2024-20754 Lightroom Desktop | Untrusted Search Path (CWE-426)

Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses a search path to locate critical resources such as programs, then an attacker could modify...

CVE-2023-20754

creationtimestamp| type| source ---|---|--- 2023-07-04 07:28:18+00:00| seen| https://t.me/cibsecurity/65912...

CVE-2023-20754

CVE-2023-20754 affects MediaTek keyinstall: an out-of-bounds write caused by an integer overflow in keyinstall could enable local privilege escalation with SYSTEM privileges and no user interaction. Multiple sources (including Red Hat and Android security bulletin mappings) corroborate the issue ...

CVE-2022-20754

CVE-2022-20754 affects Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS). The vulnerabilities reside in the API/cluster database and web-based management interfaces, caused by insufficient input validation of user-supplied command arguments. An authenticated, read/wr...

CVE-2022-20754 Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the...

Update now! Cisco fixes several vulnerabilities

Cisco has released a security advisory about two vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS. The flaws could allow an authenticated, remote attacker with read/write privileges to the application t...

Critical Patches Issued for Cisco Expressway Series, TelePresence VCS Products

Cisco this week shipped patches to address a new round of critical security vulnerabilities affecting Expressway Series and Cisco TelePresence Video Communication Server VCS that could be exploited by an attacker to gain elevated privileges and execute arbitrary code. The two flaws – tracked as...

CVE-2022-20754

creationtimestamp| type| source ---|---|--- 2022-03-03 13:14:13+00:00| seen| https://t.me/truesecator/2693 2022-03-03 19:53:52+00:00| seen| https://t.me/NeKaspersky/1922 2022-04-06 22:30:44+00:00| seen| https://t.me/cibsecurity/40263...

CVE-2021-20754

creationtimestamp| type| source ---|---|--- 2021-08-18 12:16:49+00:00| seen| https://t.me/cibsecurity/27488...

CVE-2021-20754

CVE-2021-20754 involves Cybozu Garoon Workflow improper input validation. Affected: Cybozu Garoon versions 4.0.0–5.0.2. Vulnerability allows a remote authenticated attacker to alter Workflow data without the appropriate privilege (root cause: input validation flaw in the Workflow component). Impa...

JVN#54794245: Multiple vulnerabilities in Cybozu Garoon

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-1782 Cross-site scripting vulnerability in Scheduler CWE-79 - CVE-2021-20753 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2|...

CVE-2019-20754

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN2200 before 1.0.0.58, DGN2200B before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.80, D6220 before 1.0.0.44, EX7000 before 1.0.0.66, EX6200 before 1.0.3.88, EX6150...

CVE-2019-20754

CVE-2019-20754 affects several NETGEAR devices due to a buffer overflow caused by a vulnerability exploitable by an authenticated user. Affected models include DGN2200/DGN2200B (before 1.0.0.58), D8500 (before 1.0.3.42), D7000v2 (before 1.0.0.51), D6400 (before 1.0.0.80), D6220 (before 1.0.0.44),...

CVE-2019-20754

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN2200 before 1.0.0.58, DGN2200B before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.80, D6220 before 1.0.0.44, EX7000 before 1.0.0.66, EX6200 before 1.0.3.88, EX6150...