12 matches found
CVE-2026-27440
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred mycred allows Stored XSS. This issue affects myCred: from n/a through <= 2.9.7.6...
CVE-2026-27440 WordPress myCred plugin <= 2.9.7.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred mycred allows Stored XSS. This issue affects myCred: from n/a through <= 2.9.7.6...
Zoom Workplace Desktop App < 6.3.0 Heap-Based Buffer Overflow (ZSB-25012)
The version of Zoom Workplace Desktop App installed on the remote host is prior to 6.3.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-25012 advisory. - Heap overflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via...
CVE-2025-27440
Heap overflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access...
CVE-2025-27440
creationtimestamp | type | source
---|---|---
2025-03-11 11:28:49+00:00 | seen | https://bsky.app/profile/ripjyr.bsky.social/post/3lk3xmbkm452f
2025-03-11 19:48:51+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114145527796469293
2025-03-11 20:46:19+00:00 | seen | ...
CVE-2023-27440
Unrestricted Upload of File with Dangerous Type vulnerability in OnTheGoSystems Types. This issue affects Types: from n/a through 3.4.17...
CVE-2023-27440 WordPress Toolset Types plugin <= 3.4.17 - Authenticated Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in OnTheGoSystems Types. This issue affects Types: from n/a through 3.4.17...
CVE-2023-27440
CVE-2023-27440 affects OnTheGoSystems Types plugin for WordPress (
CVE-2024-27440
The CVE-2024-27440 entry concerns the Toyoko Inn official App for iOS (prior to 1.13.0) and Android (prior to 1.3.14). The root issue is improper verification of server certificates, enabling a man-in-the-middle attacker to spoof servers and obtain sensitive information via crafted certificates. ...
WordPress Types Plugin <= 3.4.17 is vulnerable to Arbitrary File Upload
Software: Types; Type: Plugin; Vulnerable versions: <= 3.4.17; Fixed in: 3.4.18; OWASP Top 10: A6: Security Misconfiguration; Classification: Arbitrary File Upload; CVE: CVE-2023-27440; Patch priority: Low; CVSS severity: Low 7.2; PSID: f01af6037806; Credits: Dave Jong Patchstack; Required...
CVE-2021-27440
Summary: CVE-2021-27440 concerns GE Reason DR60 firmware with a hard-coded password used for inbound authentication or outbound communication to external components in all versions before 02A04.1. Affected product/versions (as stated): Reason DR60 firmware prior to 02A04.1. Root cause (as describ...
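Symantec Veritas Storage Foundation Scheduler Service Remote Denial of Service Vulnerability
BUGTRAQ ID: 27440 CVECAN ID: CVE-2007-4516 Veritas Storage Foundation is a solution for managing storage for Veritas products. The Veritas Scheduler service of Veritas Storage Foundation contains a vulnerability in its handling of malformed user requests, which a remote attacker may exploit to make the service unavailable. If the Veritas Scheduler service (VxSchedService.exe) receives a malformed packet, an invalid memory access is triggered and the service crashes. An attacker can exploit this vulnerability without authentication, but must establish a TCP session on the service's port 4888. Symantec Verit...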