
47 matches found

Circl
added 2026/02/26 10:30 p.m. | 2 views

CVE-2026-27449

creationtimestamp | type | source
---|---|---
2026-02-26 22:30:34+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3mfsapnhm662w
2026-02-26 23:12:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mfsd2w6jlm2e
2026-02-27 07:21:19+00:00 | seen | ...

7.5 CVSS | 5.9 AI score | 0.00071 EPSS
Exploits: 0 | References: 4

Vulnrichment
added 2026/02/26 9:51 p.m. | 2 views

CVE-2026-27449 Umbraco.Engage.Forms Allows Unauthorized Access to Multiple API Endpoints

Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing authentication or authorization checks. The affected endpoints can be accessed directly over the...

7.5 CVSS | 5.9 AI score | 0.00071 EPSS
Exploits: 0 | References: 1

ATTACKERKB
added 2026/02/26 9:51 p.m. | 1 views

CVE-2026-27449

Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing authentication or authorization checks. The affected endpoints can be accessed directly over the...

7.5 CVSS | 5.8 AI score | 0.00071 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

RedhatCVE
added 2025/05/22 3:25 p.m. | 4 views

CVE-2020-27449

Cross Site Scripting XSS vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload...

6.1 CVSS | 6.5 AI score | 0.01385 EPSS
Exploits: 0

NVD
added 2024/12/09 1:15 p.m. | 5 views

CVE-2023-27449

Missing Authorization vulnerability in TotalSuite Total Poll Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Total Poll Lite: from n/a through 4.8.6...

6.3 CVSS | 0.00116 EPSS
Exploits: 0 | References: 1

CVE
added 2024/12/09 11:31 a.m. | 35 views

CVE-2023-27449

CVE-2023-27449: WordPress Total Poll Lite plugin <= 4.8.6 suffers a Missing Authorization (Broken Access Control) vulnerability. The issue allows exploitation due to incorrectly configured access control with a required privilege of Subscriber. A fix is available in version 4.8.7; upgrading mi...

6.3 CVSS | 8 AI score | 0.00116 EPSS
Exploits: 0 | References: 1

Cvelist
added 2024/12/09 11:31 a.m. | 14 views

CVE-2023-27449 WordPress Total Poll Lite plugin <= 4.8.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in TotalSuite Total Poll Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Total Poll Lite: from n/a through 4.8.6...

6.3 CVSS | 0.00116 EPSS
Exploits: 0 | References: 1

Rosalinux
added 2023/10/21 3:52 p.m. | 44 views

Advisory ROSA-SA-2023-2254

software: mariadb 10.5.20 OS: ROSA-CHROME packageevrstring: mariadb-10.5.20-1.src.rpm CVE-ID: CVE-2022-27447 BDU-ID: 2022-06909 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Binarystring::freebuffer function of the /sql/sqlstring.h component of the MariaDB DBMS is related to memory usage after...

7.5 CVSS | 7.1 AI score | 0.00248 EPSS
Exploits: 11

OSV
added 2023/08/31 12:14 p.m. | 0 views

BELL-CVE-2022-27449 CVE-2022-27449 does not affect BellSoft software

Bulletin has no description...

7.5 CVSS | 7.3 AI score | 0.00244 EPSS
Exploits: 1 | References: 1

NVD
added 2023/08/11 2:15 p.m. | 9 views

CVE-2020-27449

Cross Site Scripting XSS vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload...

6.1 CVSS | 6.2 AI score | 0.01385 EPSS
Exploits: 0 | References: 2

CVE
added 2023/08/11 12:0 a.m. | 30 views

CVE-2020-27449

CVE-2020-27449 affects Zoho ManageEngine Password Manager Pro (version 11.0.0.1, Query Report feature). The issue is a Cross-Site Scripting (XSS) vulnerability stemming from insufficient input filtering/escaping in the Query Report function that could allow remote attackers to execute arbitrary w...

6.1 CVSS | 6.1 AI score | 0.01385 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

Vulnrichment
added 2023/08/11 12:0 a.m. | 9 views

CVE-2020-27449

Cross Site Scripting XSS vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload...

6.5 AI score | 0.01385 EPSS
Exploits: 0 | References: 2

Cvelist
added 2023/08/11 12:0 a.m. | 12 views

CVE-2020-27449

Cross Site Scripting XSS vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload...

6.2 AI score | 0.01385 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2023/03/20 12:0 a.m. | 26 views

CBL Mariner 2.0 Security Update: mariadb (CVE-2022-27449)

The version of mariadb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-27449 advisory. - MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component...

7.5 CVSS | 7.8 AI score | 0.00244 EPSS
Exploits: 1 | References: 2

Patchstack
added 2023/03/03 12:0 a.m. | 8 views

WordPress Total Poll Lite Plugin <= 4.8.6 is vulnerable to Broken Access Control

Software Total Poll Lite Type Plugin Vulnerable versions = 4.8.6 Fixed in 4.8.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-27449 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 02f4127c29b8 Credits Mika Required privilege...

6.8 AI score | 0.00116 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

SUSE CVE
added 2023/02/15 3:26 a.m. | 1 views

SUSE CVE-2022-27449

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/itemfunc.cc:148...

7.1 CVSS | 8.4 AI score | 0.00244 EPSS
Exploits: 1 | References: 10

OpenVAS
added 2022/11/24 12:0 a.m. | 26 views

Ubuntu: Security Advisory (USN-5739-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.4 AI score | 0.00952 EPSS
Exploits: 34 | References: 2

Tenable Nessus
added 2022/11/16 12:0 a.m. | 32 views

AlmaLinux 9 : galera, mariadb, and mysql-selinux (ALSA-2022:5948)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5948 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

7.8 CVSS | 6.8 AI score | 0.00472 EPSS
Exploits: 29 | References: 37

Rockylinux
added 2022/09/13 7:36 a.m. | 39 views

mariadb:10.3 security and bug fix update

An update is available for Judy, mariadb, galera. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a multi-user, multi-threaded SQL database server tha...

7.8 CVSS | 8 AI score | 0.00952 EPSS
Exploits: 27

OSV
added 2022/09/13 7:36 a.m. | 26 views

RLSA-2022:6443 Moderate: mariadb:10.3 security and bug fix update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb 10.3.35, galera 25.3.35. Security Fixes: mariadb: MariaDB through 10.5.9 allows attackers to trigger a convertconsttoint...

7.8 CVSS | 7.8 AI score | 0.00952 EPSS
Exploits: 27 | References: 36