24 matches found
CVE-2026-27240
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-27240
creationtimestamp | type | source
---|---|---
2025-09-12 15:30:57+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lynlfl7ys52x...
DEBIAN-CVE-2025-27240
A Zabbix administrator can inject arbitrary SQL during the autoremoval of hosts by inserting malicious SQL in the 'Visible name' field...
CVE-2025-27240
A Zabbix administrator can inject arbitrary SQL during the autoremoval of hosts by inserting malicious SQL in the 'Visible name' field...
CVE-2025-27240 Secondary-order SQL injection in Zabbix Server when deleting an autoregistered host
A Zabbix administrator can inject arbitrary SQL during the autoremoval of hosts by inserting malicious SQL in the 'Visible name' field...
CVE-2023-27240
Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip...
CVE-2021-27240
This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within th...
CVE-2024-27240
creationtimestamp | type | source
---|---|---
2024-07-15 21:01:58+00:00 | seen | https://t.me/cvedetector/891...
CVE-2024-27240
Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a privilege escalation via local access...
CVE-2024-27240 Zoom Apps for Windows - Improper Input Validation
Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a privilege escalation via local access...
VulnCheck KEV: CVE-2023-27240
Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip...
CVE-2023-27240
creationtimestamp | type | source
---|---|---
2023-03-15 11:24:41+00:00 | seen | https://t.me/cibsecurity/60043
2025-08-31 03:12:57+00:00 | seen | MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...
CVE-2023-27240
Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip...
CVE-2023-27240
CVE-2023-27240 affects the Tenda AX3 router (V16.03.12.11). The vulnerability is a command-injection flaw in the /goform/AdvSetLanip endpoint exposed via the lanip parameter, caused by inadequate input filtering of command-like characters. This can allow arbitrary command execution with high impa...
CVE-2022-27240
scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion...
CVE-2022-27240
scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion...
DEBIAN-CVE-2022-27240
scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion...
UBUNTU-CVE-2022-27240
scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion...
CVE-2022-27240
CVE-2022-27240 concerns Glewlwyd SSO server 2.x before 2.6.2, where a buffer overflow in the WebAuthn support (scheme/webauthn.c) is associated with a WebAuthn assertion. The Red Hat and related advisories confirm the same description. No exploit details are provided in the connected documents. T...
OpenClinic GA SQL Injection (CVE-2020-27233; CVE-2020-27234; CVE-2020-27235; CVE-2020-27236; CVE-2020-27237; CVE-2020-27238; CVE-2020-27239; CVE-2020-27240)
An SQL injection vulnerability exists in OpenClinic GA. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...