CVE-2026-26095

The CVE-2026-26095 entry concerns Owl opds version 2.2.0.4, with a vulnerability described as Incorrect Permission Assignment for a Critical Resource that enables File Manipulation via a crafted network request. The connected Red Hat, NVD, OSV, and CVE records corroborate the same description and...

CVE-2026-26095 Incorrect Permission Assignment for Critical Resource in Owl opds

Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...

CVE-2026-26095 Incorrect Permission Assignment for Critical Resource in Owl opds

Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...

CVE-2022-26095

Null pointer dereference vulnerability in parsercolr function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker...

CVE-2023-26095

ASQ in Stormshield Network Security SNS 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet...

CVE-2021-26095

The combination of various cryptographic issues in the session management of FortiMail 6.4.0 through 6.4.4 and 6.2.0 through 6.2.6, including the encryption construction of the session cookie, may allow a remote attacker already in possession of a cookie to possibly reveal and alter or forge its...

CVE-2024-26095 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-26095

Summary of CVE-2024-26095 (Adobe Experience Manager) : AEM 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields, allowing an attacker to inject malicious JavaScript that executes in a victim’s browser when loading the affected page. The do...

CVE-2024-26095 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2023-26095

ASQ in Stormshield Network Security SNS 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet...

CVE-2023-26095

ASQ in Stormshield Network Security SNS 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet...

CVE-2023-26095

ASQ in Stormshield Network Security SNS 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet...

CVE-2023-26095

CVE-2023-26095 affects Stormshield Network Security (SNS): ASQ in SNS versions 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 crashes when processing a crafted SIP packet. Root cause not detailed in the provided documents. Remediation: upgrade to SNS 4.3.16 or 4.6.3 (as applicable). Exploit informat...

CVE-2022-26095

Null pointer dereference vulnerability in parsercolr function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker...

CVE-2022-26095

CVE-2022-26095 affects the libsimba library, with a null pointer dereference in the parser_colr function prior to Samsung SMR Apr-2022 Release 1, enabling out-of-bounds writes by a remote attacker. Impacts and mitigations from connected docs indicate vulnerable component is the parser_colr code p...

CVE-2021-26095

FortiMail is affected by cryptographic issues in the session management cookie for FortiMail 6.2.0–6.2.6 and 6.4.0–6.4.4. The vulnerability allows a remote attacker who already holds a valid cookie to reveal, alter, or forge its content, potentially escalating privileges. Remediation per Fortinet...