18 matches found
CVE-2025-20798

creationtimestamp | type | source
---|---|---
2026-01-06 20:13:20+00:00 | seen | Telegram/PFrA7CJJ7CXBjBQDjwjiG1MpgnsXkm-Ij4iFje1tKThixY
2026-01-06 23:20:06+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mbs3pazw6q2u...

CVE-2021-20798
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...
CVE-2023-39467 Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability
Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability...
CVE-2023-39467
Triangle MicroWorks SCADA Data Gateway is affected by an information-disclosure vulnerability related to the certificate web directory configuration. The flaw allows remote attackers to obtain sensitive data without authentication, via exposure of sensitive information in the application webroot....
Adobe Illustrator Multiple Vulnerabilities (APSB24-25) - Windows
Adobe Illustrator is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:illustrator";...
Adobe Illustrator Multiple Vulnerabilities (APSB24-25) - Mac OS X
Adobe Illustrator is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:illustrator";...
Adobe Illustrator < 27.9.3 / 28.0 < 28.4 Multiple Vulnerabilities (APSB24-25)
The version of Adobe Illustrator installed on the remote Windows host is prior to 27.9.3, 28.4. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-25 advisory. - Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds write vulnerability that...
CVE-2023-20798
CVE-2023-20798 concerns a buffer size miscalculation in the MediaTek pda module leading to an out-of-bounds read. The issue can cause local information disclosure with system-level privileges and does not require user interaction. Affected component: pda in MediaTek microprogram software (as docu...
CVE-2022-20798

creationtimestamp | type | source
---|---|---
2022-06-16 09:37:08+00:00 | seen | https://t.me/codebysec/6085
2022-06-16 19:50:03+00:00 | seen | https://t.me/truesecator/3068
2022-06-18 10:10:18+00:00 | seen | https://t.me/itsecnews/843...

Critical Flaw in Cisco Secure Email and Web Manager Lets Attackers Bypass Authentication
Cisco on Wednesday rolled out fixes to address a critical security flaw affecting Email Security Appliance (ESA) and Secure Email and Web Manager that could be exploited by an unauthenticated, remote attacker to sidestep authentication. Assigned the CVE identifier CVE-2022-20798, the bypass...
CVE-2022-20798 Cisco Email Security Appliance and Cisco Secure Email and Web Manager External Authentication Bypass Vulnerability
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web...
CVE-2022-20798
Cisco’s CVE-2022-20798 vulnerability affects Cisco Secure Email and Web Manager (SMA) and Cisco Email Security Appliance (ESA). The flaw arises from improper authentication checks when external authentication uses LDAP, allowing an unauthenticated, remote attacker to bypass login and access the w...
CVE-2019-20798
An XSS issue was discovered in handler_server_info.c in Cherokee through 1.2.104. The requested URL is improperly displayed on the About page in the default configuration of the web server and its administrator panel. The XSS in the administrator panel can be used to reconfigure the server and...
CVE-2021-20798
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...
CVE-2021-20798
CVE-2021-20798 is a cross-site scripting vulnerability in the Cybozu Remote Service management screen (versions 3.1.8–3.1.9). An authenticated remote attacker can inject arbitrary scripts into the UI, potentially affecting the user’s browser session. The issue affects Cybozu Remote Service 3.1.8 ...
pfSense < 2.4.4-p3 Multiple Vulnerabilities
According to its self-reported version number, the remote pfSense install is a version prior to 2.4.4-p3. It is, therefore, affected by multiple vulnerabilities, including the following: - In pfSense 2.4.4_1, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsiste...
CVE-2019-20798
CVE-2019-20798 affects Cherokee web server versions 1.2.104 and earlier. The issue is an XSS in the handler_server_info.c module that causes the About page to display the requested URL incorrectly in the default configuration, enabling an attacker in the administrator panel to reconfigure the ser...
CVE-2018-20798
pfSense 2.4.4_1 is affected by CVE-2018-20798 due to an expiretable configuration that creates block durations incompatible with sshguard, potentially allowing bypass of access restrictions. The issue is described in the NVD entry for the CVE and echoed by Nessus notes referencing pfSense 2.4.4-p...