CVE-2023-27089

Cross Site Scripting vulnerability found in Ehuacui BBS allows attackers to cause a denial of service via a crafted payload in the login parameter...

CVE-2022-27089

In Fujitsu PlugFree Network = 7.3.0.3, an Unquoted service path in PFNService.exe software allows a local attacker to potentially escalate privileges to system level...

CVE-2025-27089

Directus is a real-time API and App dashboard for managing SQL database content. In affected versions if there are two overlapping policies for the update action that allow access to different fields, instead of correctly checking access permissions against the item they apply for the user is...

CVE-2025-27089

creationtimestamp| type| source ---|---|--- 2025-02-19 18:06:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3likej7ksw226 2025-02-19 20:24:59+00:00| seen| https://t.me/cvedetector/18457...

CVE-2025-27089

Directus is a real-time API and App dashboard for managing SQL database content. In affected versions if there are two overlapping policies for the update action that allow access to different fields, instead of correctly checking access permissions against the item they apply for the user is...

CVE-2025-27089 Overlapping policies allow update to non-allowed fields in directus

Directus is a real-time API and App dashboard for managing SQL database content. In affected versions if there are two overlapping policies for the update action that allow access to different fields, instead of correctly checking access permissions against the item they apply for the user is...

CVE-2025-27089

Directus has a vulnerability (CVE-2025-27089) where overlapping update policies can cause a user to update fields not permitted for a specific item. Root cause: the system previously validated access at the item level; the fix evaluates permissions per field in the validateItemAccess query and re...

CVE-2025-27089 Overlapping policies allow update to non-allowed fields in directus

Directus is a real-time API and App dashboard for managing SQL database content. In affected versions if there are two overlapping policies for the update action that allow access to different fields, instead of correctly checking access permissions against the item they apply for the user is...

CVE-2023-27089

creationtimestamp| type| source ---|---|--- 2023-04-05 02:59:35+00:00| seen| https://t.me/cibsecurity/61419 2025-02-14 21:09:17+00:00| seen| Telegram/q-1gYqgXYCwFElNi8Z95xzNUn0JTqI-xp-SWfXpCW8yBSpf...

CVE-2023-27089

Cross Site Scripting vulnerability found in Ehuacui BBS allows attackers to cause a denial of service via a crafted payload in the login parameter...

CVE-2023-27089

Cross Site Scripting vulnerability found in Ehuacui BBS allows attackers to cause a denial of service via a crafted payload in the login parameter...

CVE-2023-27089

CVE-2023-27089 affects Ehuacui BBS and is described as a Cross Site Scripting vulnerability in the login parameter that can cause denial of service. The CVSS 3.1 base score is 8.2 (High) with Network attack vector, low attack complexity, low privileges, user interaction required, scope changed, a...

CVE-2023-27089

Cross Site Scripting vulnerability found in Ehuacui BBS allows attackers to cause a denial of service via a crafted payload in the login parameter...

CVE-2022-27089

creationtimestamp| type| source ---|---|--- 2022-04-11 18:16:13+00:00| seen| https://t.me/cibsecurity/40473...

CVE-2022-27089

CVE-2022-27089 is documented for Fujitsu PlugFree Network

CVE-2022-27089

In Fujitsu PlugFree Network = 7.3.0.3, an Unquoted service path in PFNService.exe software allows a local attacker to potentially escalate privileges to system level...

CVE-2021-27089

Technical details for CVE-2021-27089 are not publicly provided in the supplied documents. Monitor for updates from vendor advisories and affected products.

CVE-2021-27089 Microsoft Internet Messaging API Remote Code Execution Vulnerability

...

KB5001342: Windows 10 version 1809 / Windows Server 2019 Security Update (Apr 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Win32k Elevation of Privilege Vulnerability CVE-2021-27072, CVE-2021-28310 - Windows Media Photo Codec Information Disclosure Vulnerability CVE-2021-27079 - Windows Event Tracing Elevati...

KB5001389: Windows Server 2008 Security Update (Apr 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Microsoft Internet Messaging API Remote Code Execution Vulnerability CVE-2021-27089 - Windows Kernel Information Disclosure Vulnerability CVE-2021-27093, CVE-2021-28309 - Windows Media...