17 matches found
CVE-2026-27310
creationtimestamp| type| source ---|---|--- 2026-04-14 20:19:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mji7d4kvbq2a 2026-04-14 21:25:30+00:00| published-proof-of-concept| Telegram/qw6naPQmOSFEqbc3iRVVM5dhGETt1a49wBj6uReZM5MuI0 2026-04-16 01:37:07+00:00| seen|...
CVE-2026-27310 Bridge | Heap-based Buffer Overflow (CWE-122)
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2021-27310
Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "language" parameter...
CVE-2025-27310
Missing Authorization vulnerability in Radius of Thought Page and Post Lister page-and-post-lister allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page and Post Lister: from n/a through = 1.2.1...
CVE-2025-27310
Missing Authorization vulnerability in Radius of Thought Page and Post Lister page-and-post-lister allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page and Post Lister: from n/a through = 1.2.1...
CVE-2025-27310 WordPress Page and Post Lister plugin <= 1.2.1 - Arbitrary Content Deletion vulnerability
Missing Authorization vulnerability in Radius of Thought Page and Post Lister page-and-post-lister allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page and Post Lister: from n/a through = 1.2.1...
CVE-2025-27310
CVE-2025-27310 affects the WordPress plugin Page and Post Lister (
CVE-2024-27310
Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input...
CVE-2024-27310 DOS Vulnerability
Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input...
CVE-2024-27310 DOS Vulnerability
Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input...
CVE-2024-27310
CVE-2024-27310 affects Zoho ManageEngine ADSelfService Plus prior to version 6401. The vulnerability arises from malicious LDAP input causing a denial-of-service condition, impacting availability (per CVE metrics). Connected sources corroborate that versions below 6401 are vulnerable; no explicit...
CVE-2023-27310
A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.2. The client query handler of the affected application fails to check for proper permissions when assigning groups to user accounts. This could allow an authenticated remote attacker to assign administrative groups to...
CVE-2023-27310
A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.2. The client query handler of the affected application fails to check for proper permissions when assigning groups to user accounts. This could allow an authenticated remote attacker to assign administrative groups to...
CVE-2023-27310
Siemens RUGGEDCOM CROSSBOW (all versions prior to V5.2) contains a missing-authorization vulnerability in the client query handler: when assigning groups to user accounts, it does not properly enforce permissions, potentially allowing an authenticated remote attacker to elevate privileges by addi...
Siemens RUGGEDCOM CROSSBOW V5.2
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
CVE-2021-27310
creationtimestamp| type| source ---|---|--- 2021-03-23 17:38:27+00:00| seen| Telegram/S3Mnuqg1rNC31upFTQy4biqsbH9p5KpuqCcVFKPk29c8EU...
CVE-2021-27310
Clansphere CMS 2011.4 is affected by an unauthenticated reflected XSS vulnerability in the language parameter. The Nuclei template confirms unauthenticated reflected XSS, with impact described as enabling arbitrary JavaScript execution in the victim’s browser (session hijacking/defacement as per ...