105 matches found
EUVD-2020-2527
Malware in sbrugna...
SUSE CVE-2025-2527
Mattermost versions 10.5.x <= 10.5.2, 9.11.x <= 9.11.11 failed to properly verify a user's permissions when accessing groups, which allows an attacker to view group information via an API request...
CVE-2023-2527
The Integration for Contact Form 7 and Zoho CRM, Bigin WordPress plugin before 1.2.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2025-2527
Mattermost versions 10.5.x <= 10.5.2, 9.11.x <= 9.11.11 failed to properly verify a user's permissions when accessing groups, which allows an attacker to view group information via an API request...
CVE-2025-2527
Mattermost versions 10.5.x <= 10.5.2, 9.11.x <= 9.11.11 failed to properly verify a user's permissions when accessing groups, which allows an attacker to view group information via an API request...
CVE-2025-2527 Improper access control to group information
Mattermost versions 10.5.x <= 10.5.2, 9.11.x <= 9.11.11 failed to properly verify a user's permissions when accessing groups, which allows an attacker to view group information via an API request...
CVE-2025-2527 Improper access control to group information
Mattermost versions 10.5.x <= 10.5.2, 9.11.x <= 9.11.11 failed to properly verify a user's permissions when accessing groups, which allows an attacker to view group information via an API request...
Amazon Linux 2 : java-11-amazon-corretto (ALAS-2024-2527)
The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.23+9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2527 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...
CVE-2024-2527
A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/rooms.php. The manipulation of the argument roomid leads to sql injection. The attack may be launched...
CVE-2024-2527
CVE-2024-2527 affects MAGESH-K21 Online-College-Event-Hall-Reservation-System v1.0. The vulnerability is a SQL injection in the /admin/rooms.php file triggered by manipulating the room_id parameter. It is exploitable remotely, with exploitation publicly disclosed. The impact is high on confidenti...
CVE-2024-2527
creationtimestamp | type | source
---|---|---
2024-03-15 21:01:21+00:00 | seen | https://t.me/ctinow/209124
2024-03-16 20:21:40+00:00 | seen | https://t.me/ctinow/209701
2024-03-16 20:26:15+00:00 | seen | https://t.me/ctinow/209703
2025-04-10 20:49:52+00:00 | published-proof-of-concept | ...
Oracle Linux 6 : qemu-kvm (ELSA-2011-1531)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-1531 advisory. - kvm-CVE-2011-2527-os-posix-set-groups-properly-for-runas.patch bz722583 - CVE: CVE-2011-2527 - Resolves: bz713593 CVE-2011-2212 virtqueue: too-large indirect...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2527)
The remote host is missing an update for the Huawei EulerOS...
CVE-2023-2527
The Integration for Contact Form 7 and Zoho CRM, Bigin WordPress plugin before 1.2.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2023-2527
CVE-2023-2527 : The WordPress plugin “Integration for Contact Form 7 and Zoho CRM, Bigin” (vulnerable before 1.2.4) contains a SQL injection due to improper sanitization/escaping of a parameter before use in a SQL statement. The issue is exploitable by high-privilege users (e.g., administrators)....
CVE-2023-2527 Integration for Contact Form 7 and Zoho CRM, Bigin < 1.2.4 - Admin+ SQLi
The Integration for Contact Form 7 and Zoho CRM, Bigin WordPress plugin before 1.2.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
SUSE CVE-2016-2527
wiretap/nettrace3gpp32423.c in the 3GPP TS 32.423 Trace file parser in Wireshark 2.0.x before 2.0.2 does not ensure that a '\0' character is present at the end of certain strings, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a...
CVE-2022-2527
An issue in Incident Timelines has been discovered in GitLab CE/EE affecting all versions starting from 14.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2, which allowed an authenticated attacker to inject arbitrary content. A victim...
UBUNTU-CVE-2022-2527
An issue in Incident Timelines has been discovered in GitLab CE/EE affecting all versions starting from 14.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2, which allowed an authenticated attacker to inject arbitrary content. A victim...
CVE-2022-2527
An issue in Incident Timelines has been discovered in GitLab CE/EE affecting all versions starting from 14.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2, which allowed an authenticated attacker to inject arbitrary content. A victim...