CVE-2026-27278

creationtimestamp| type| source ---|---|--- 2026-03-11 03:00:18+00:00| seen| https://helpx.adobe.com/security/products/acrobat/apsb26-26.html 2026-03-12 13:00:13+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mguheoo3wj2u 2026-03-12 13:22:24+00:00| seen|...

CVE-2026-27278

Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2025-27278

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Ghedini AcuGIS Leaflet Maps mapfig-premium-leaflet-map-maker allows Reflected XSS.This issue affects AcuGIS Leaflet Maps: from n/a through = 5.1.1.0...

CVE-2025-27278

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Ghedini AcuGIS Leaflet Maps mapfig-premium-leaflet-map-maker allows Reflected XSS.This issue affects AcuGIS Leaflet Maps: from n/a through = 5.1.1.0...

CVE-2025-27278 WordPress AcuGIS Leaflet Maps Plugin <= 5.1.1.0 - Multiple Cross Site Scripting (XSS) vulnerabilities

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Ghedini AcuGIS Leaflet Maps mapfig-premium-leaflet-map-maker allows Reflected XSS.This issue affects AcuGIS Leaflet Maps: from n/a through = 5.1.1.0...

CVE-2025-27278 WordPress AcuGIS Leaflet Maps Plugin <= 5.1.1.0 - Multiple Cross Site Scripting (XSS) vulnerabilities

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Ghedini AcuGIS Leaflet Maps mapfig-premium-leaflet-map-maker allows Reflected XSS.This issue affects AcuGIS Leaflet Maps: from n/a through = 5.1.1.0...

CVE-2025-27278

CVE-2025-27278 affects NotFound AcuGIS Leaflet Maps Plugin for WordPress (

CVE-2024-27278

creationtimestamp| type| source ---|---|--- 2024-03-06 01:26:18+00:00| seen| https://t.me/ctinow/200917 2024-03-06 01:26:28+00:00| seen| https://t.me/ctinow/200924...

CVE-2024-27278

OpenPNE plugin opTimelinePlugin (version 1.2.11 and earlier) contains a stored cross-site scripting (CWE-79) vulnerability in the Edit Profile page. When a user configures their profile with malicious content, an arbitrary script may execute in other users’ browsers. Affected product: OpenPNE opT...

CVE-2021-27278

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists withi...

CVE-2021-27278

CVE-2021-27278 concerns Parallels Desktop (v16.1.1-49141) affecting the Toolgate component. The vulnerability arises from improper validation of a user-supplied path used in file operations, enabling local attackers who have the ability to run high-privileged code on a guest to escalate privilege...

CVE-2020-27278

creationtimestamp| type| source ---|---|--- 2021-03-16 01:29:21+00:00| seen| https://t.me/cibsecurity/24929...

CVE-2020-27278

In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, hard-coded credentials in the ventilator allow attackers with physical access to obtain admin privileges for the device’s configuration interface...

CVE-2020-27278

The CVE-2020-27278 issue affects Hamilton Medical AG’s T1-Ventilator (versions 2.2.3 and earlier). The vulnerability arises from hard-coded credentials in the device’s configuration interface, enabling attackers with physical access to obtain admin privileges. Public sources also document related...

Unspecified Vulnerability in Lenovo System Interface Foundation (CNVD-2020-27278)

Lenovo System Interface Foundation is a set of software from Lenovo, a Chinese company, for communicating with hardware devices. An unspecified vulnerability exists in Lenovo System Interface Foundation. An attacker could use this vulnerability to elevate privileges and execute code...