23 matches found
CVE-2026-27255
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
D-Link DIR-822 Multiple Vulnerabilities (2018 - 2024)
D-Link DIR-822 devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2024-27255
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 283905...
CVE-2025-27255
Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user database is encrypted using a hardcoded password retrievable by an attacker analyzing the application code...
CVE-2025-27255
creationtimestamp| type| source
---|---|---
2025-03-10 09:41:28+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6985
2025-03-10 09:51:12+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114137515128173485
2025-03-10 10:31:21+00:00| seen|...
CVE-2025-27255
This CVE concerns GE Vernova EnerVista UR Setup. The vulnerability arises from hard-coded credentials used to encrypt the local user database, with the credential password retrievable by analyzing the application code. A local attacker could leverage this to escalate privileges on the affected sy...
CVE-2025-27255
Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user database is encrypted using a hardcoded password retrievable by an attacker analyzing the application code...
CVE-2024-27255
creationtimestamp| type| source
---|---|---
2024-03-03 13:26:54+00:00| seen| https://t.me/ctinow/198719
2024-03-03 13:31:35+00:00| seen| https://t.me/ctinow/198721...
CVE-2024-27255
CVE-2024-27255 affects IBM MQ Operator and related container images, where a cryptographic weakness in the operator’s crypto algorithms could allow decryption of highly sensitive information. Affected versions include IBM MQ Operator v2.0.0–2.0.18, v2.2.0–2.2.2, v2.3.0–2.3.3, v2.4.0–2.4.7, and v3...
CVE-2023-27255
The CVE concerns IDAttend’s IDWeb application, affected in version 3.1.052 and earlier. The vulnerability is an unauthenticated SQL injection in the DeleteRoomChanges method, allowing an attacker to extract or modify all data without authentication. Multiple connected sources align on the core is...
Realtek eCos Stack Buffer Overflow (CVE-2022-27255)
A stack-based buffer overflow exists in Realtek eCos. Successful exploitation could lead to arbitrary code execution...
Exploit for Improper Input Validation in Realtek Ecos_Rsdk_Firmware
CVE-2022-27255-checker Simple checker for CVE-2022...
CVE-2022-27255
creationtimestamp| type| source
---|---|---
2022-08-01 16:16:54+00:00| seen| https://t.me/cibsecurity/47317
2022-08-12 19:07:37+00:00| seen| https://t.me/truesecator/3289
2022-08-14 13:05:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/6591
2022-08-17 10:17:33+00:00|...
CVE-2022-27255
In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data...
CVE-2022-27255
CVE-2022-27255 affects Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1. The SIP ALG component that rewrites SDP data has a stack-based buffer overflow, enabling an attacker to remotely execute code without authentication by sending a crafted SIP packet containing malicious SDP data. The NVD metrics ra...
CVE-2022-27255
In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data...
Exploit for Improper Input Validation in Realtek Ecos_Rsdk_Firmware
CVE-2022-27255 - Realtek eCos SDK SIP ALG buffer overflow Th...
Rockwell (CVE-2020-27255) (deprecated)
Plugin deprecated because factorytalk is not detectable in this way. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. (C) Tenable Network Security, Inc. Disabled on 2023/03/10. Deprecated because...
CVE-2021-27255
creationtimestamp| type| source
---|---|---
2021-03-05 22:47:46+00:00| seen| https://t.me/cibsecurity/24558...
CVE-2021-27255
CVE-2021-27255 affects NETGEAR R7800 devices running firmware 1.0.2.76. The flaw is in the refresh_status.aspx endpoint and allows unauthenticated remote code execution, with the attacker gaining root privileges. Multiple sources (NVD, Red Hat advisory, ZDI) confirm the lack of authentication to ...