22 matches found
CVE-2022-21266
Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications component: Pipeline Manager. Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows unauthenticated attacker with network access...
CVE-2025-21266
Windows Telephony Service Remote Code Execution Vulnerability...
CVE-2025-21266 Windows Telephony Service Remote Code Execution Vulnerability
...
CVE-2025-21266 Windows Telephony Service Remote Code Execution Vulnerability
...
CVE-2025-21266
CVE-2025-21266 is a Windows Telephony Service remote code execution vulnerability. The linked data shows a network-exposed impact with CVSS v3.1 base score 8.8 (HIGH), requiring user interaction for exploitation and affecting confidentiality, integrity, and availability. Affected component is the...
CVE-2024-21266
...
CVE-2024-21266
...
CVE-2023-21266
creationtimestamp| type| source ---|---|--- 2023-10-06 22:13:39+00:00| seen| https://t.me/cibsecurity/71752 2023-12-28 01:19:53+00:00| seen| https://t.me/arpsyndicate/2172 2024-01-19 19:27:03+00:00| seen| https://t.me/arpsyndicate/2953 2025-05-05 15:20:17+00:00| published-proof-of-concept|...
CVE-2023-21266
In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21266
In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21266
CVE-2023-21266 affects Android’s ActivityManagerService.java, describing a permissions bypass that could enable local escalation of privilege with no additional execution privileges required. Exploitation is stated to require no user interaction. The connected documents consistently frame this as...
CVE-2023-21266
In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-21266
creationtimestamp| type| source ---|---|--- 2022-01-19 14:31:57+00:00| seen| https://t.me/cibsecurity/35805...
CVE-2022-21266
Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications component: Pipeline Manager. Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows unauthenticated attacker with network access...
CVE-2022-21266
Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications component: Pipeline Manager. Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows unauthenticated attacker with network access...
CVE-2022-21266
The CVE-2022-21266 issue affects Oracle Communications BRM (Pipeline Manager) in versions 12.0.0.3 and 12.0.0.4. The root cause is a vulnerability that enables an unauthenticated attacker with network access via HTTP to compromise BRM, potentially leading to unauthorized access to critical data o...
CVE-2021-21266
creationtimestamp| type| source ---|---|--- 2021-02-01 19:25:07+00:00| seen| https://t.me/cibsecurity/22893...
CVE-2021-21266 XXE vulnerability in OpenHAB
openHAB is a vendor and technology agnostic open source automation software for your home. In openHAB before versions 2.5.12 and 3.0.1 the XML external entity XXE attack allows attackers in the same network as the openHAB instance to retrieve internal information like the content of files from th...
CVE-2021-21266
openHAB versions prior to 2.5.12 and 3.0.1 are affected by an XML external entity (XXE) vulnerability that allows network-local attackers to read files from the file system via XML parsing, with potentially malicious responses to SSDP requests. The issue arises in SAX/JAXB-based XML processing ac...
CVE-2020-21266
CVE-2020-21266 affects Broadleaf Commerce 5.1.14-GA and is caused by a slow HTTP POST that enables cross-site scripting (XSS) on the client. The impact is client-side script execution. A fix is referenced in Broadleaf release notes for 5.1.15-GA; upgrading to that version is the supported remedia...