Lucene search
K

12 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.3 views

CVE-2026-22404

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Innovio innovio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Innovio: from n/a through = 1.7...

5.4CVSS5.3AI score0.00201EPSS
Exploits0References2
Circl
Circl
added 2025/04/07 3:45 p.m.3 views

CVE-2023-22404

creationtimestamp| type| source ---|---|--- 2025-04-07 15:45:26+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10724...

6.5CVSS6.3AI score0.0063EPSS
Exploits0References1
Circl
Circl
added 2024/01/18 10:21 p.m.2 views

CVE-2024-22404

creationtimestamp| type| source ---|---|--- 2024-01-18 22:21:37+00:00| seen| https://t.me/ctinow/169969 2024-02-12 14:41:47+00:00| seen| https://t.me/ctinow/183122...

4.3CVSS5.7AI score0.00517EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/18 8:14 p.m.18 views

CVE-2024-22404 Permissions bypass in Nextcloud with the files zip app

Nextcloud files Zip app is a tool to create zip archives from one or multiple files from within Nextcloud. In affected versions users can download "view-only" files by zipping the complete folder. It is recommended that the Files ZIP app is upgraded to 1.2.1, 1.4.1, or 1.5.0. Users unable to...

4.1CVSS4.9AI score0.00517EPSS
Exploits0References3
CVE
CVE
added 2024/01/18 8:14 p.m.57 views

CVE-2024-22404

CVE-2024-22404 is a permissions-bypass in the Nextcloud Files ZIP app. In affected versions, users can download view-only files by zipping an entire folder, bypassing intended access restrictions. Supported mitigations include upgrading the Files ZIP app to version 1.2.1, 1.4.1, or 1.5.0, or disa...

4.3CVSS4.5AI score0.00517EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/01/13 12:15 a.m.19 views

CVE-2023-22404

An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon iked of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service DoS. iked will crash and restart, and the tunnel will not come up when a...

6.5CVSS6.5AI score0.0063EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/12 12:0 a.m.7 views

CVE-2023-22404 Junos OS: SRX Series and MX Series with SPC3: When IPsec VPN is configured iked will core when a specifically formatted payload is received

An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon iked of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service DoS. iked will crash and restart, and the tunnel will not come up when a...

6.5CVSS6.6AI score0.0063EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/01/12 12:0 a.m.38 views

Juniper Junos OS Vulnerability (JSA70200)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70200 advisory. - An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon iked of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated,...

6.5CVSS6.6AI score0.0063EPSS
Exploits0References2
CVE
CVE
added 2023/01/12 12:0 a.m.69 views

CVE-2023-22404

CVE-2023-22404 describes an out-of-bounds write in Juniper Junos OS iked (SRX/MX with SPC3) that can cause DoS. An authenticated, network-based attacker can trigger iked to crash and restart during IKE negotiation by sending a specially formatted payload, disrupting other concurrent IKE negotiati...

6.5CVSS6.5AI score0.0063EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2022/04/01 8:23 p.m.3 views

CVE-2022-22404

creationtimestamp| type| source ---|---|--- 2022-04-01 20:23:51+00:00| seen| https://t.me/cibsecurity/40007...

6.5CVSS6.2AI score0.00941EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/31 2:33 p.m.17 views

Security Bulletin: IBM App Connect Enterprise Certified Container Dashboards may be vulnerable to denial of service due to CVE-2022-22404

Summary The IBM App Connect Enterprise Certified Container Dashboard is used for managing deployable resources, configuration and IntegrationService instances. The Dashboard UI is vulnerable to denial of service due to excessive rate limiting. This bulletin provides patch information to address t...

6.5CVSS6AI score0.00941EPSS
Exploits0Affected Software1
CVE
CVE
added 2021/10/28 12:21 p.m.43 views

CVE-2021-22404

CVE-2021-22404 concerns a directory traversal vulnerability in Huawei smartphone software (Huawei EMUI and Magic UI). Exploitation could lead to unauthorized access to sensitive data, affecting service confidentiality. The connected documents corroborate a path traversal issue, but do not provide...

5.3CVSS5.3AI score0.00871EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder