71 matches found
EUVD-2026-2355
Zohocorp ManageEngine ADManager Plus versions below 7230 are vulnerable to Path Traversal in the User Management module...
EUVD-2025-2355
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-2355
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes befo...
CVE-2023-2355
Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy Windows before build 3900...
CVE-2022-2355
The Easy Username Updater WordPress plugin before 1.0.5 does not implement CSRF checks, which could allow attackers to make a logged in admin change any user's username includes the admin...
CVE-2025-2355
A vulnerability was found in BlackVue App 3.65 on Android and classified as problematic. Affected by this issue is some unknown functionality of the component API Endpoint Handler. The manipulation of the argument BCSTOKEN/SECRETKEY leads to unprotected storage of credentials. Local access is...
CVE-2025-2355
creationtimestamp| type| source ---|---|--- 2025-03-17 00:55:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7728 2025-03-17 03:41:02+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkkabdebwm2j 2025-03-17 04:55:15+00:00| seen| https://t.me/cvedetector/20...
CVE-2025-2355 BlackVue App API Endpoint credentials storage
A vulnerability was found in BlackVue App 3.65 on Android and classified as problematic. Affected by this issue is some unknown functionality of the component API Endpoint Handler. The manipulation of the argument BCSTOKEN/SECRETKEY leads to unprotected storage of credentials. Local access is...
CVE-2025-2355 BlackVue App API Endpoint credentials storage
A vulnerability was found in BlackVue App 3.65 on Android and classified as problematic. Affected by this issue is some unknown functionality of the component API Endpoint Handler. The manipulation of the argument BCSTOKEN/SECRETKEY leads to unprotected storage of credentials. Local access is...
GHSA-FP86-2355-V99R vulnerabilities
Vulnerabilities for packages: falco, go...
CVE-2024-2355 keerti1924 Secret-Coder-PHP-Project secret_coder.sql inclusion of sensitive information in source code
A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /secretcoder.sql. The manipulation leads to inclusion of sensitive information in source code. The attack can be launched...
CVE-2024-2355 keerti1924 Secret-Coder-PHP-Project secret_coder.sql inclusion of sensitive information in source code
A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /secretcoder.sql. The manipulation leads to inclusion of sensitive information in source code. The attack can be launched...
CVE-2024-2355
CVE-2024-2355 affects keerti1924 Secret-Coder-PHP-Project 1.0. The vulnerability involves an issue in an unknown functionality of the file /secret_coder.sql, where manipulation leads to inclusion of sensitive information in source code. Reported as exploitable remotely with rather high attack com...
Amazon Linux 2 : gstreamer1-plugins-bad-free (ALAS-2023-2355)
The version of gstreamer1-plugins-bad-free installed on the remote host is prior to 1.18.4-5. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2355 advisory. gstreamer: AV1 codec parser heap-based buffer overflow CVE-2023-44429 gstreamer: MXF demuxer...
CVE-2023-2355
Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy Windows before build 3900...
CVE-2023-2355
Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy Windows before build 3900...
CVE-2023-2355
CVE-2023-2355 affects Acronis Snap Deploy on Windows prior to build 3900. The vulnerability is a DLL hijacking local privilege escalation that can grant high confidentiality/integrity/availability impact; root cause is DLL hijack in the deployment component. Mitigation: apply build 3900 or later ...
CVE-2022-2355
creationtimestamp| type| source ---|---|--- 2022-08-08 18:24:00+00:00| seen| https://t.me/cibsecurity/47745...
CVE-2022-2355 Easy Username Updater < 1.0.5 - Arbitrary Username Update via CSRF
The Easy Username Updater WordPress plugin before 1.0.5 does not implement CSRF checks, which could allow attackers to make a logged in admin change any user's username includes the admin...
CVE-2022-2355
The CVE-2022-2355 entry affects the WordPress plugin Easy Username Updater (versions prior to 1.0.5). The root cause is lack of CSRF checks, which could allow a logged-in admin to arbitrarily change any user’s username (including the admin). Affected behavior and impact are described in multiple ...