CVE-2026-21417

Dell CloudBoost Virtual Appliance, versions prior to 19.14.0.0, contains a Plaintext Storage of Password vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...

Linux Distros Unpatched Vulnerability : CVE-2021-21417

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fluidsynth is a software synthesizer based on the SoundFont 2 specifications. A use after free violation was discovered in fluidsynth, that can be triggered whe...

CVE-2023-21417

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service...

CVE-2025-21417

Windows Telephony Service Remote Code Execution Vulnerability...

CVE-2025-21417 Windows Telephony Service Remote Code Execution Vulnerability

...

CVE-2025-21417 Windows Telephony Service Remote Code Execution Vulnerability

...

CVE-2025-21417

creationtimestamp| type| source ---|---|--- 2025-01-14 17:29:48+00:00| seen| https://www.thezdi.com/blog/2025/1/14/the-january-2025-security-update-review 2025-01-14 18:23:50+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpuotjzon2n 2025-01-14 18:49:09+00:00| seen|...

CVE-2024-21417

Windows Text Services Framework Elevation of Privilege Vulnerability...

CVE-2024-6145

Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...

CVE-2024-6145 Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability

Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...

CVE-2024-6145

The CVE-2024-6145 entry concerns Actiontec WCB6200Q routers. Concrete details in connected documents show that the vulnerability exists in the HTTP server, where a crafted Cookie header can trigger a format specifier from a user-supplied string, allowing a network-adjacent attacker to execute arb...

CVE-2024-6145 Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability

Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...

CVE-2023-21417

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service...

CVE-2023-21417

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service...

CVE-2023-21417

CVE-2023-21417 affects AXIS OS via the VAPIX API endpoint manageoverlayimage.cgi, where path traversal can lead to file/folder deletion. Exploitation requires an operator- or administrator-privileged service account, with impact higher on administrator privileges and non-system files; operator ac...

CBL Mariner 2.0 Security Update: mysql (CVE-2022-21417)

The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-21417 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are...

SUSE CVE-2021-28421

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-21417. Reason: This candidate is a duplicate of CVE-2021-21417. Notes: All CVE users should reference CVE-2021-21417 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...

RHEL 9 : mysql (RHSA-2022:6590)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6590 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...

Ubuntu: Security Advisory (USN-5400-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security fix for the ALT Linux 10 package MySQL version 8.0.29-alt1

8.0.29-alt1 built July 5, 2022 Nikolai Kostrigin in task 302902 --- June 30, 2022 Nikolai Kostrigin - new version + fixes: CVE-2021-22570, CVE-2022-0778, CVE-2022-21454, CVE-2022-21457 + fixes: CVE-2022-21425, CVE-2022-21440, CVE-2022-21459, CVE-2022-21478 + fixes: CVE-2022-21479, CVE-2022-21418,...