CVE-2026-27304

creationtimestamp| type| source ---|---|--- 2026-04-14 23:21:52+00:00| seen| Telegram/jHpVmdM968c9lFQ4KStSRALTqvtLmQ8NC1zLLnKyLbbys0E 2026-04-15 01:30:31+00:00| seen| https://infosec.exchange/users/offseq/statuses/116406132959257406 2026-04-15 01:30:31+00:00| seen|...

CVE-2026-27304

CVE-2026-27304 affects ColdFusion versions 2023.18, 2025.6 and earlier. The issue is an Improper Input Validation vulnerability that can lead to arbitrary code execution in the context of the current user . Exploitation requires no user interaction, with an attack vector: Adjacent and no privileg...

Exploit for CVE-2024-27304

CVE-2024-27304-PoC references - DEF CON 32 - SQL Injectio...

Linux Distros Unpatched Vulnerability : CVE-2020-27304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload...

CVE-2025-27304

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themelogger Contact Form 7 Star Rating with font Awesome contact-form-7-star-rating-with-font-awersome allows Stored XSS.This issue affects Contact Form 7 Star Rating with font Awesome: from n/a...

CVE-2025-27304

creationtimestamp| type| source ---|---|--- 2025-02-24 17:21:54+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5187...

CVE-2025-27304

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themelogger Contact Form 7 Star Rating with font Awesome contact-form-7-star-rating-with-font-awersome allows Stored XSS.This issue affects Contact Form 7 Star Rating with font Awesome: from n/a...

CVE-2025-27304 WordPress Contact Form 7 Star Rating with font Awesome plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themelogger Contact Form 7 Star Rating with font Awesome contact-form-7-star-rating-with-font-awersome allows Stored XSS.This issue affects Contact Form 7 Star Rating with font Awesome: from n/a...

CVE-2025-27304 WordPress Contact Form 7 Star Rating with font Awesome plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themelogger Contact Form 7 Star Rating with font Awesome contact-form-7-star-rating-with-font-awersome allows Stored XSS.This issue affects Contact Form 7 Star Rating with font Awesome: from n/a...

Photon OS 4.0: Falco PHSA-2023-4.0-0410

An update of the falco package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0410. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Security Bulletin: IBM Instana Observability is vulnerable to SQL injection due to PostgreSQL driver and toolkit for Go, known as pgx.

Summary PostgreSQL driver and toolkit for Go, known as pgx is used by IBM Instana Observability Using third-party datastore Operators as part of the postgres operator CVE-2024-27304. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-2730...

CVE-2020-27304 affecting package ceph for versions less than 18.2.1-1

CVE-2020-27304 affecting package ceph for versions less than 18.2.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5

CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5. A patched version of the package is available...

Moderate: Red Hat Security Advisory: ACS 4.3 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes bug and security fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVE-2024-27304

pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...

CVE-2024-27304

creationtimestamp| type| source ---|---|--- 2024-03-06 20:26:53+00:00| seen| https://t.me/ctinow/201763 2024-03-06 20:36:26+00:00| seen| https://t.me/ctinow/201784 2024-03-06 22:31:11+00:00| seen| https://t.me/ctinow/201857 2025-10-12 10:56:02+00:00| seen|...

CVE-2024-27304 vulnerabilities

Vulnerabilities for packages: temporal-server, argo-workflows, k3s, step, spicedb, amass, step-ca, trillian, kots, ferretdb, kube-bench, kine, src, caddy...

CVE-2024-27304 vulnerabilities

Vulnerabilities for packages: spicedb, kube-bench, src, temporal-server, step-ca, kine, k3s, trillian-fips, falcosidekick-fips, wavefront-collector-for-kubernetes, trillian, ferretdb, argo-workflows, step, keda-fips, temporal-server-fips, kube-bench-fips, caddy-fips, amass, argo-workflows-fips,...

CVE-2024-27304

CVE-2024-27304 affects pgx, a PostgreSQL driver/toolkit for Go. The vulnerability enables SQL injection when an attacker can cause a single query or Bind message to exceed 4 GB due to an integer overflow in message size calculation, which can cause the large message to be split into multiple mess...

CVE-2024-27304 pgx SQL Injection via Protocol Message Size Overflow

pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...