CVE-2026-22819 Outray has a Race Condition in main/apps/web/src/routes/api/$orgSlug/subdomains/index.ts

Outray openSource ngrok alternative. Prior to 0.1.5, this vulnerability allows a user i.e a free plan user to get more than the desired subdomains due to lack of db transaction lock mechanisms in main/apps/web/src/routes/api/$orgSlug/subdomains/index.ts. This vulnerability is fixed in 0.1.5...

CVE-2026-22819

Outray openSource ngrok alternative. Prior to 0.1.5, this vulnerability allows a user i.e a free plan user to get more than the desired subdomains due to lack of db transaction lock mechanisms in main/apps/web/src/routes/api/$orgSlug/subdomains/index.ts. This vulnerability is fixed in 0.1.5...

CVE-2026-22819

creationtimestamp| type| source ---|---|--- 2026-01-13 03:49:39+00:00| published-proof-of-concept| https://github.com/outray-tunnel/outray/security/advisories/GHSA-45hj-9x76-wp9g 2026-01-24 21:25:20+00:00| seen| https://gist.github.com/alon710/52873410611d79f78190bd047a0a9e39...

CVE-2021-22819

A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause unintended modifications of the product settings or user accounts when deceiving the user to use the web interface rendered within iframes. Affected Products: EVlink City EVC1S22P4 / EVC1S7P4 All...

CVE-2025-22819

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Roberto Bottalico Qr Code and Barcode Scanner Reader qr-code-and-barcode-scanner-reader allows Stored XSS.This issue affects Qr Code and Barcode Scanner Reader: from n/a through = 1.0.0...

CVE-2023-22819

An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi a...

CVE-2022-22819

NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers ROM version 1B have a buffer overflow in parsing SB2 updates before the signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted...

CVE-2020-22819

creationtimestamp| type| source ---|---|--- 2025-05-05 14:20:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14875...

CVE-2025-22819

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Roberto Bottalico Qr Code and Barcode Scanner Reader qr-code-and-barcode-scanner-reader allows Stored XSS.This issue affects Qr Code and Barcode Scanner Reader: from n/a through = 1.0.0...

CVE-2025-22819 WordPress Qr Code and Barcode Scanner Reader plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Roberto Bottalico Qr Code and Barcode Scanner Reader qr-code-and-barcode-scanner-reader allows Stored XSS.This issue affects Qr Code and Barcode Scanner Reader: from n/a through = 1.0.0...

CVE-2025-22819 WordPress Qr Code and Barcode Scanner Reader plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 4wpbari Qr Code and Barcode Scanner Reader allows Stored XSS.This issue affects Qr Code and Barcode Scanner Reader: from n/a through 1.0.0...

CVE-2023-22819

creationtimestamp| type| source ---|---|--- 2024-02-05 23:26:53+00:00| seen| https://t.me/ctinow/179584...

CVE-2023-22819

CVE-2023-22819 describes an uncontrolled resource consumption (memory exhaustion) vulnerability in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi, and Western Digital My Cloud OS 5 devices. The issue allows crafted requests to a service over the network, potentially stopping the se...

CVE-2024-22819

creationtimestamp| type| source ---|---|--- 2024-01-23 17:16:53+00:00| seen| https://t.me/ctinow/172134 2024-02-12 13:11:47+00:00| seen| https://t.me/ctinow/183084...

CVE-2024-22819

CVE-2024-22819 affects FlyCms v1.0 and is a Cross-Site Request Forgery (CSRF) vulnerability exploitable via the /system/email/email_templets_update endpoint. The issue arises from an unsafe CSRF protection surface on that API, allowing unintended requests to be performed in the context of an auth...

CVE-2024-22819

FlyCms v1.0 contains a Cross-Site Request Forgery CSRF vulnerability via /system/email/emailtempletsupdate...

CVE-2020-22819

CVE-2020-22819 affects MKCMS V6.2, with a SQL injection in the /ucenter/active.php endpoint via the verify parameter. Public documents consistently describe an SQLi vulnerability in MKCMS 6.2 hosted parameter, leading to high-impact confidentiality/integrity/availability (CVSS 3.1 base 9.8). Root...

CVE-2020-22819

MKCMS V6.2 has SQL injection via the /ucenter/active.php verify parameter...

CVE-2022-22819

creationtimestamp| type| source ---|---|--- 2022-03-24 01:29:03+00:00| seen| https://t.me/cibsecurity/39465...

CVE-2022-22819

The CVE-2022-22819 entry concerns NXP LPC55S66JBD64/100, LPC55S66JEV98, LPC55S69JBD64/100, and LPC55S69JEV98 microcontrollers (ROM version 1B). A buffer overflow occurs while parsing SB2 updates before the update signature is verified, allowing an attacker to achieve non-persistent code execution...