22 matches found
CVE-2026-27249
Adobe Experience Manager (AEM) 6.5.x up to 6.5.23 and earlier is affected by a stored XSS vulnerability (CVE-2026-27249) in form field handling due to insufficient input sanitization/escaping. A low-privilege attacker can cause malicious JavaScript to run in victims’ browsers when they view vulne...
CVE-2022-27249
An unrestricted file upload vulnerability in IdeaRE RefTree before 2021.09.17 allows remote authenticated users to execute arbitrary code by using UploadDwg to upload a crafted aspx file to the web root, and then visiting the URL for this aspx resource...
CVE-2025-27249
Uncontrolled resource consumption for some Gaudi software before version 1.21.0 within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occu...
Intel® Gaudi® Software Advisory
Summary: A potential security vulnerability for some Intel® Gaudi® software may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-27249 Description: Uncontrolled resource consumption for some Gaudi softwar...
Linux Distros Unpatched Vulnerability : CVE-2023-27249
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swfGetPlaceObject at swfobject.c. CVE-2023-27249 Note that Nessus relies on the...
CVE-2023-27249
swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swfGetPlaceObject at swfobject.c...
CVE-2020-27249
A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0004 and 0x0015, an attacker can...
CVE-2023-27249
swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swfGetPlaceObject at swfobject.c...
UBUNTU-CVE-2023-27249
swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swfGetPlaceObject at swfobject.c...
CVE-2023-27249
swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swfGetPlaceObject at swfobject.c...
CVE-2023-27249
CVE-2023-27249 affects swfdump v0.9.2. The vulnerability is a heap buffer overflow in the function swf_GetPlaceObject located in swfobject.c. Documented impact indicates a likely impact on availability, with no information about exploitation status in the provided sources. Public-reported advisor...
CVE-2023-27249
swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swfGetPlaceObject at swfobject.c...
CVE-2022-27249
creationtimestamp| type| source ---|---|--- 2022-04-04 02:27:10+00:00| seen| https://t.me/cibsecurity/40081...
CVE-2022-27249
An unrestricted file upload vulnerability in IdeaRE RefTree before 2021.09.17 allows remote authenticated users to execute arbitrary code by using UploadDwg to upload a crafted aspx file to the web root, and then visiting the URL for this aspx resource...
CVE-2022-27249
CVE-2022-27249 describes an unrestricted file upload in IdeaRE RefTree prior to 2021.09.17. The vulnerability allows remote authenticated users to upload a crafted aspx file to the web root via the UploadDwg feature and then access the resource to execute arbitrary code. Impact is high (remote co...
IdeaRE RefTree Shell Upload
=============================================================================== title: IdeaRE RefTree Remote Code Execution product: IdeaRE RefTree 2021.09.17 vulnerability type: Unrestricted File Upload CVE ID: CVE-2022-27249 severity: High CVSSv3 score: 8.8 CVSSv3 vector:...
IdeaRE RefTree Shell Upload Vulnerability
=============================================================================== title: IdeaRE RefTree Remote Code Execution product: IdeaRE RefTree 2021.09.17 vulnerability type: Unrestricted File Upload CVE ID: CVE-2022-27249 severity: High CVSSv3 score: 8.8 CVSSv3 vector:...
CVE-2021-27249
CVE-2021-27249 affects D-Link DAP-2020 v1.01rc001. It enables network-adjacent attackers to execute arbitrary code as root via CGI script processing due to improper validation of a user-supplied string used in a system call. Authentication is not required. Public disclosures include ZDI-21-204 an...
CVE-2020-27249
creationtimestamp| type| source ---|---|--- 2021-02-04 12:34:13+00:00| seen| https://t.me/cibsecurity/23057...
CVE-2020-27249
A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0004 and 0x0015, an attacker can...