CVE-2021-27195

Improper Authorization vulnerability in Netop Vision Pro up to and including to 9.7.1 allows an attacker to replay network traffic...

CVE-2026-27195

creationtimestamp| type| source ---|---|--- 2026-02-25 01:40:27+00:00| seen| https://gist.github.com/alon710/447723fe5251aee242f8395c82fa3afa 2026-02-25 18:16:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfpc2xrnsz2d...

CVE-2026-27195 Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future

Wasmtime is a runtime for WebAssembly. Starting with Wasmtime 39.0.0, the component-model-async feature became the default, which brought with it a new implementation of TypedFunc::callasync which made it capable of calling async-typed guest export functions. However, that implementation had a bu...

CVE-2026-27195

Wasmtime is a runtime for WebAssembly. Starting with Wasmtime 39.0.0, the component-model-async feature became the default, which brought with it a new implementation of TypedFunc::callasync which made it capable of calling async-typed guest export functions. However, that implementation had a bu...

CVE-2026-27195 Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future

Wasmtime is a runtime for WebAssembly. Starting with Wasmtime 39.0.0, the component-model-async feature became the default, which brought with it a new implementation of TypedFunc::callasync which made it capable of calling async-typed guest export functions. However, that implementation had a bu...

Linux Distros Unpatched Vulnerability : CVE-2020-27195

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. Fixe...

CVE-2023-27195

Trimble TM4Web 22.2.0 allows unauthenticated attackers to access /inc/tmajax.msw?func=UserfromUUID= to retrieve the last registration access code and use this access code to register a valid account. via a PUT /inc/tmajax.msw request. If the access code was used to create an Administrator account...

CVE-2025-27195

Media Encoder versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-27195

Adobe Media Encoder (versions 25.1, 24.6.4 and earlier) is affected by a Heap-based Buffer Overflow (CVE-2025-27195) that could allow arbitrary code execution in the context of the current user, requiring user interaction (victim must open a malicious file). The issue stems from a heap-based over...

CVE-2025-27195 Media Encoder | Heap-based Buffer Overflow (CWE-122)

Media Encoder versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-27195

Cross-Site Request Forgery CSRF vulnerability in sverde1 Watermark RELOADED watermark-reloaded allows Cross Site Request Forgery.This issue affects Watermark RELOADED: from n/a through = 1.3.5...

CVE-2023-27195

creationtimestamp| type| source ---|---|--- 2024-11-08 04:17:02+00:00| seen| https://infosec.exchange/users/cve/statuses/113445399552306124 2024-11-08 07:09:26+00:00| seen| https://t.me/cvedetector/10160...

CVE-2023-27195

Trimble TM4Web 22.2.0 allows unauthenticated attackers to access /inc/tmajax.msw?func=UserfromUUID&uuid= to retrieve the last registration access code and use this access code to register a valid account. via a PUT /inc/tmajax.msw request. If the access code was used to create an Administrator...

Trimble TM4Web 22.2.0 Privilege Escalation / Access Code Disclosure

CVE ID: CVE-2023-27195 Description: An access control issue in Trimble TM4Web v22.2.0 allows unauthenticated attackers to access a specific crafted URL path to retrieve the last registration access code and use this access code to register a valid account. If the access code was used to create an...

CVE-2024-27195

creationtimestamp| type| source ---|---|--- 2024-03-16 03:21:37+00:00| seen| https://t.me/ctinow/209301 2024-03-16 03:26:20+00:00| seen| https://t.me/ctinow/209309 2025-04-10 20:49:45+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11347...

CVE-2024-27195

Cross-Site Request Forgery CSRF vulnerability in sverde1 Watermark RELOADED watermark-reloaded allows Cross Site Request Forgery.This issue affects Watermark RELOADED: from n/a through = 1.3.5...

CVE-2024-27195

CVE-2024-27195 is a CSRF to Stored XSS vulnerability in Watermark RELOADED for WordPress, affecting Watermark RELOADED versions up to 1.3.5. The available connected sources confirm the issue and affected version range, with a CVSS v3.1 base score of 7.1 (HIGH). There is no published patch or miti...

WordPress Watermark RELOADED Plugin <= 1.3.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Watermark RELOADED Type Plugin Vulnerable versions = 1.3.5 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-27195 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID f6d96ac7d165 Credits Dimas Maulana...

CVE-2022-27195

Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their build.xml files. These values are stored unencrypted and can be viewed by users with access to...

CVE-2022-27195

creationtimestamp| type| source ---|---|--- 2022-03-15 19:19:27+00:00| seen| https://t.me/cibsecurity/38936...