CVE-2021-22254

Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9...

CVE-2025-22254

An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7,...

CVE-2025-22254

creationtimestamp| type| source ---|---|--- 2025-06-11 04:33:08+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18043...

CVE-2025-22254

An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7,...

CVE-2025-22254

An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7,...

CVE-2025-22254

An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7,...

CVE-2025-22254

CVE-2025-22254 affects Fortinet FortiOS (7.6.0–7.6.1, 7.4.0–7.4.6, 7.2.0–7.2.10, 7.0.0–7.0.16, 6.4.0–6.4.15), FortiProxy (7.6.0–7.6.1, 7.4.0–7.4.7) and FortiWeb (7.6.0–7.6.1, 7.4.0–7.4.6). Root cause: Improper Privilege Management (CWE-269) allowing an authenticated user with at least read-only a...

Fortinet Fortigate Privilege escalation in GUI websocket module (FG-IR-25-006)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-006 advisory. - An Improper Privilege Management vulnerability CWE-269 affecting Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 throug...

CVE-2023-51555 Foxit PDF Reader Doc Out-Of-Bounds Read Information Disclosure Vulnerability

Foxit PDF Reader Doc Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2023-51555

CVE-2023-51555 is a Foxit PDF Reader/Editor vulnerability described as a Doc object handling out-of-bounds read that can disclose sensitive information. The NVD entry notes that user interaction is required (target must visit a malicious page or open a malicious file) and that the flaw can be lev...

CVE-2023-51555 Foxit PDF Reader Doc Out-Of-Bounds Read Information Disclosure Vulnerability

Foxit PDF Reader Doc Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...

Critical VMware Vulnerabilities Leading To Sandbox Escape

Summary: Critical vulnerabilities tracked as CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, and CVE-2024-22255 have been addressed by Vmware. These vulnerabilities allow attackers to bypass virtual machines and execute commands on the host machine. Workstation, Fusion, Cloud Foundation, and VMwa...

VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws

VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities have been described as use-after-free bugs in the XHCI USB...

CVE-2024-22254

VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox...

CVE-2024-22254

VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox...

CVE-2024-22254

CVE-2024-22254 : VMware ESXi contains an out-of-bounds write vulnerability in the VMX sandbox process. A local, privileged attacker within a VMX context could trigger the write and escape the sandbox, potentially impacting the host. Public details confirm the issue affects ESXi (and related VMwar...

CVE-2024-22254 Out-of-bounds write vulnerability

VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox...

GitLab 13.1 < 13.12.9 / 14.0 < 14.0.7 / 14.1 < 14.1.2 (CVE-2021-22254)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9. CVE-2021-22254 Note that Ness...

CVE-2023-22254

creationtimestamp| type| source ---|---|--- 2023-03-22 19:36:07+00:00| seen| Telegram/2txupu4yFMZfHNIn01tSpYgAlyqOUExBKTaSrELh5dIPBY...

CVE-2023-22254 AEM Reflected XSS Arbitrary code execution

Experience Manager versions 6.5.15.0 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...