CVE-2026-22641

This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily...

CVE-2026-22641

creationtimestamp| type| source ---|---|--- 2026-01-15 15:12:34+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115899757567671679...

CVE-2026-22641

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Fedora: Security Advisory (FEDORA-2024-b00678c08a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-22641

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges...

CVE-2021-22641

A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite versions prior to 4.0.10.0...

Linux Distros Unpatched Vulnerability : CVE-2024-22641

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TCPDF version 6.6.5 and before is vulnerable to ReDoS Regular Expression Denial of Service if parsing an untrusted SVG file. CVE-2024-22641 Note that Nessus...

CVE-2025-22641

creationtimestamp| type| source ---|---|--- 2025-02-04 15:16:09+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedykgqho2i...

CVE-2025-22641

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Prem Tiwari FM Notification Bar fm-notification-bar allows Stored XSS.This issue affects FM Notification Bar: from n/a through = 1.0.4...

CVE-2025-22641

CVE-2025-22641 is a Stored XSS in the WordPress FM Notification Bar plugin (versions 1.0.2 and earlier) caused by improper input neutralization during web page generation. Public details confirm affected software and the vulnerability type; Patchstack indicates a fix in later releases (plugin

CVE-2025-22641 WordPress FM Notification Bar plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Prem Tiwari FM Notification Bar fm-notification-bar allows Stored XSS.This issue affects FM Notification Bar: from n/a through = 1.0.4...

CVE-2025-22641 WordPress FM Notification Bar plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Prem Tiwari FM Notification Bar allows Stored XSS. This issue affects FM Notification Bar: from n/a through 1.0.2...

Fedora 41 : php-tcpdf (2024-b00678c08a)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-b00678c08a advisory. Version 6.7.7 2024-10-26 - Update regular expression to avoid ReDoS CVE-2024-22641 - PHP 8.4 Fix: Curl CURLOPTBINARYTRANSFER deprecated 675 - SVG detection f...

Mageia: Security Advisory (MGASA-2024-0361)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2024-0361 Updated php-tcpdf packages fix security vulnerability

TCPDF version 6.6.5 and before is vulnerable to ReDoS Regular Expression Denial of Service if parsing an untrusted SVG file. CVE-2024-22641...

Updated php-tcpdf packages fix security vulnerability

TCPDF version 6.6.5 and before is vulnerable to ReDoS Regular Expression Denial of Service if parsing an untrusted SVG file. CVE-2024-22641...

Fedora: Security Advisory (FEDORA-2024-afeeca72ce)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 39 : php-tcpdf (2024-0b2854c95b)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-0b2854c95b advisory. Version 6.7.7 2024-10-26 - Update regular expression to avoid ReDoS CVE-2024-22641 - PHP 8.4 Fix: Curl CURLOPTBINARYTRANSFER deprecated 675 - SVG detection f...

Fedora 40 : php-tcpdf (2024-afeeca72ce)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-afeeca72ce advisory. Version 6.7.7 2024-10-26 - Update regular expression to avoid ReDoS CVE-2024-22641 - PHP 8.4 Fix: Curl CURLOPTBINARYTRANSFER deprecated 675 - SVG detection f...

CVE-2024-22641

creationtimestamp| type| source ---|---|--- 2024-08-16 11:16:31+00:00| published-proof-of-concept| https://t.me/Rootsec2/3435 2024-11-19 17:49:20+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/10849...