17 matches found
CVE-2026-21257
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network...
CVE-2026-21257 GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability
...
CVE-2022-21257
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Samples. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Serve...
CVE-2021-21257
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions prior to 4.6 do not validate the address pointer in the RPL source routing header. This makes it possible for an...
CVE-2025-21257
Windows WLAN AutoConfig Service Information Disclosure Vulnerability...
CVE-2025-21257
creationtimestamp | type | source
---|---|---
2025-01-14 17:29:48+00:00 | seen | https://www.thezdi.com/blog/2025/1/14/the-january-2025-security-update-review
2025-01-14 18:19:02+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpugaqume2r
2025-01-14 21:11:14+00:00 | seen | ...
CVE-2024-21257
Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion component: UI and Visualization. The supported version that is affected is 11.2.18.0.000. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware...
CVE-2023-21257
creationtimestamp | type | source
---|---|---
2023-07-13 07:45:23+00:00 | seen | https://t.me/cibsecurity/66623...
CVE-2023-21257
In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21257
CVE-2023-21257 is an Android Framework elevation-of-privilege issue. In the function updateSettingsInternalLI of InstallPackageHelper.java, a missing permission check could allow sideloading an app into the work profile, enabling local privilege escalation with no extra execution privileges requ...
CVE-2022-21257
creationtimestamp | type | source
---|---|---
2022-01-19 14:41:54+00:00 | seen | https://t.me/cibsecurity/35854...
CVE-2022-21257
CVE-2022-21257 affects Oracle WebLogic Server (Fusion Middleware) in the Samples component for versions 12.2.1.4.0 and 14.1.1.0.0. An unauthenticated attacker with network access via HTTP can compromise WebLogic Server; attacks may read/modify data and impact data integrity. CVSS v3.1 base score ...
CVE-2018-21257
creationtimestamp | type | source
---|---|---
2020-06-19 20:55:29+00:00 | seen | https://t.me/cibsecurity/12895...
CVE-2018-21257
CVE-2018-21257 (Mattermost Server) affects Mattermost Server before 5.1. The issue allows attackers to bypass intended access restrictions for setting a channel header via the Channel header slash command API. Connected sources confirm this vulnerability across multiple trackers (Red Hat, NVD, OS...