CVE-2026-27229 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2023-27229

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg...

CVE-2024-27229

creationtimestamp| type| source ---|---|--- 2025-02-18 21:11:31+00:00| seen| Telegram/2z02dkpmmJeFz0eK4gxN0oGGPieIgZMLUGCAXo8JER3VTzF5 2025-03-25 18:25:14+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8726...

CVE-2024-27229

CVE-2024-27229 describes a null pointer dereference in ss_SendCallBarringPwdRequiredIndMsg within ss_CallBarring.c, leading to remote denial of service without user interaction. The vulnerability is tracked in Android/Pixel advisories and is listed in the Pixel March 2024 update bulletin with DoS...

CVE-2022-27229

Path transversal in some IntelR NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-27229

Path transversal in some IntelR NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-27229

CVE-2022-27229: Path traversal in the HDMI firmware update tool for Intel NUC Kits NUC7i3DN/NUC7i5DN/NUC7i7DN before version 1.79.1.1 may let an authenticated local user escalate privileges. Affected Intel NUC HDMI firmware update tool; root cause is improper path handling. Intel notes affected p...

CVE-2022-27229

Path transversal in some IntelR NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-27229

creationtimestamp| type| source ---|---|--- 2023-03-29 02:14:53+00:00| seen| https://t.me/cibsecurity/60988 2025-02-18 23:42:23+00:00| seen| Telegram/YkoAfl37ZDG9pLANvF9lLNBUMSSbiYVpR0pILKpv5cfnKQ1...

CVE-2023-27229

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg...

CVE-2023-27229

Summary : CVE-2023-27229 affects TOTOLINK A7100RU with firmware V7.4cu.2313_B20191024. The issue is a command injection vulnerability exposed via the upBw parameter in the /setting/setWanIeCfg API. The root cause is improper handling/filtering of constructed commands, enabling arbitrary command e...

Ubuntu 18.04 LTS / 20.04 LTS : Mumble vulnerability (USN-5195-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5195-1 advisory. It was discovered that the Mumble client supported websites for public servers with arbitrary URL schemes. If a user were tricked into visiting a...

CVE-2020-27229

CVE-2020-27229 concerns OpenClinic GA 5.173.3, where multiple authenticated SQL injection vulnerabilities exist in the web page patientslist.do . The root cause is improper handling of user input in the findPersonID, findSector, and findDistrict parameters, leading to crafted HTTP requests that c...

OpenClinic GA web portal multiple SQL injection vulnerabilities in 'patientslist.do' page

Summary A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions...

CVE-2021-27229

CVE-2021-27229 affects Mumble prior to 1.3.4. A remote code execution vulnerability exists when a user navigates to a crafted URL in a server list and clicks the Open Webpage text, enabling arbitrary code execution. Several advisories confirm the issue and patch guidance: upgrade to Mumble 1.3.4 ...