19 matches found
CVE-2021-22669
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate privileges on the system...
CVE-2025-22669
Cross-Site Request Forgery (CSRF) vulnerability in AwesomeTOGI Awesome Event Booking (awesome-event-booking) allows Cross Site Request Forgery. This issue affects Awesome Event Booking: from n/a through <= 2.7.5...
CVE-2025-22669
creationtimestamp | type | source
---|---|---
2025-03-27 14:27:23+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/9089...
CVE-2025-22669 WordPress Awesome Event Booking plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in AwesomeTOGI Awesome Event Booking (awesome-event-booking) allows Cross Site Request Forgery. This issue affects Awesome Event Booking: from n/a through <= 2.7.5...
CVE-2025-22669
CVE-2025-22669 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Awesome Event Booking (AKA AwesomeTOGI), affecting versions from an unspecified earlier release up to and including 2.7.5. Public sources in connected data indicate a CVSS v3.1 base score of 4.3 (Medium) with n...
Mageia: Security Advisory (MGASA-2024-0070)
The remote host is missing an update for the...
Open Design Alliance Drawing SDK
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Open Design Alliance (ODA) Equipment: Drawing SDK Vulnerabilities: Use after Free, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to...
CVE-2023-22669
creationtimestamp | type | source
---|---|---
2023-04-15 07:26:18+00:00 | seen | https://t.me/cibsecurity/62203...
CVE-2023-22669
Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2023-22669
Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2023-22669
Open Design Alliance Drawings SDK (ODA) is affected by CVE-2023-22669 in versions prior to 2023.6, with a heap-based buffer overflow in DWG parsing that could allow code execution in the context of the current process. The issue is documented with CVSS v3.1 base score 7.8 (HIGH). Mitigation: upgr...
Debian: Security Advisory (DLA-3293-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 3293-1] modsecurity-crs security update
Debian LTS Advisory DLA-3293-1 https://www.debian.org/lts/security/ Tobias Frost January 30, 2023 https://wiki.debian.org/LTS Package: modsecurity-crs Version: 3.2.3-0+deb10u3 CVE ID: CVE-2018-16384 CVE-2020-22669 CVE-2021-35368 CVE-2022-39955 CVE-2022-39956...
CVE-2020-22669
creationtimestamp | type | source
---|---|---
2022-09-02 22:39:29+00:00 | seen | https://t.me/cibsecurity/49255...
UBUNTU-CVE-2020-22669
Modsecurity owasp-modsecurity-crs 3.2.0 Paranoia level at PL1 has a SQL injection bypass vulnerability. Attackers can use the comment characters and variable assignments in the SQL syntax to bypass Modsecurity WAF protection and implement SQL injection attacks on Web applications...
CVE-2022-22669
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges...
CVE-2022-22669
CVE-2022-22669 affects macOS Monterey 12.3, where a use-after-free in the AMD component was fixed via memory-management improvements. This could have allowed arbitrary code execution with kernel privileges. Remediation: update to macOS Monterey 12.3 or later (per Apple security content).
CVE-2021-22669
CVE-2021-22669 affects Advantech WebAccess/SCADA versions 9.0.1 and earlier. Incorrect default permissions on the Project Management page may allow a low-privileged user to update an administrator’s password and log in as an administrator, enabling privilege escalation. Vendor guidance: update to...
Advantech WebAccess/SCADA
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess/SCADA Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...