CVE-2022-26348

Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has been preloaded in...

CVE-2025-26348

creationtimestamp| type| source ---|---|--- 2025-02-12 14:20:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113991355669364488...

CVE-2025-26348

A CWE-89 "Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection'" in maxprofile/menu/model.lua editUserMenu endpoint in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to execute arbitrary SQL commands via crafted HTTP reques...

CVE-2025-26348

A CWE-89 "Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection'" in maxprofile/menu/model.lua editUserMenu endpoint in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to execute arbitrary SQL commands via crafted HTTP reques...

CVE-2025-26348

CVE-2025-26348 affects Q-Free MaxTime (MaxTime suite). The vulnerability is an SQL Injection (CWE-89) in maxprofile/menu/model.lua at the editUserMenu endpoint, exploitable via crafted HTTP requests to execute arbitrary SQL. Affected: MaxTime versions

CVE-2023-26348

Adobe Dimension has an out-of-bounds read vulnerability in USD file parsing affecting version 3.4.7 and earlier, potentially allowing memory disclosure and ASLR bypass. Exploitation requires user interaction (victim opens a malicious file). A fixed version is 3.4.8; apply the vendor update (APSB2...

Adobe Dimension < 3.4.8 Multiple Vulnerabilities (APSB23-20) (macOS)

The version of Adobe Dimension installed on the remote macOS host is prior to 3.4.8. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-20 advisory. - Adobe Dimension versions 3.4.7 and earlier is affected by a Stack-based Buffer Overflow vulnerability that could...

CVE-2022-26348

CVE-2022-26348 describes a SQL Injection vulnerability in Gallagher Command Centre Server, activated via Windows Registry settings for date fields. An attacker using the Visitor Management Kiosk (a public-use application) can invoke an arbitrary SQL query preloaded into the server’s registry to o...

SUSE: Security Advisory (SUSE-SU-2022:1923-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:1840-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:1751-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-26348

creationtimestamp| type| source ---|---|--- 2022-05-11 20:34:29+00:00| seen| https://t.me/cibsecurity/42384...

CVE-2021-26348

Failure to flush the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity...

CVE-2021-26348

Failure to flush the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity...

CVE-2021-26348

Technical details about CVE-2021-26348 are not publicly provided in the supplied documents; no affected products, root cause, or remediation specifics are present. Please monitor for updates from the referenced advisories and databases.

AMD Server Vulnerabilities - May 2022

Bulletin ID: AMD-SB-1028 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Secure Processor ASP, AMD System Management Un...

CVE-2020-26348

CVE-2020-26348 is rejected/not used and does not represent an active vulnerability entry.