15 matches found
CVE-2026-27479
creationtimestamp| type| source ---|---|--- 2026-02-21 09:16:58+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfebzxr5nj2h 2026-03-02 11:00:15+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mg33yxhdn62r...
CVE-2026-27479 Wallos: SSRF via Redirect Bypass in Logo/Icon URL Fetch
Wallos is an open-source, self-hostable personal subscription tracker. Versions 4.6.0 and below contain a Server-Side Request Forgery SSRF vulnerability in the subscription and payment logo/icon upload functionality. The application validates the IP address of the provided URL before making the...
CVE-2021-27479
ZOLL Defibrillator Dashboard, v prior to 2.2,The affected product’s web application could allow a low privilege user to inject parameters to contain malicious scripts to be executed by higher privilege users...
EUVD-2023-27479
Malicious code in bioql PyPI...
CVE-2025-27479
Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network...
CVE-2025-27479 Kerberos Key Distribution Proxy Service Denial of Service Vulnerability
...
CVE-2025-27479
CVE-2025-27479 appears in connected records as a Kerberos-related Denial-of-Service vulnerability described under the Kerberos Key Distribution Proxy Service. The available sources confirm an impact on Windows Kerberos with a network-based DoS potential due to an insufficient resource pool, but d...
CVE-2025-27479
creationtimestamp| type| source ---|---|--- 2025-04-08 16:14:25+00:00| seen| https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review...
CVE-2023-27479
creationtimestamp| type| source ---|---|--- 2023-03-07 22:23:18+00:00| published-proof-of-concept| https://t.me/cibsecurity/59614...
CVE-2023-27479
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper...
CVE-2023-27479 Improper Neutralization of Directives in Dynamically Evaluated Code in org.xwiki.platform:xwiki-platform-panels-ui
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper...
CVE-2023-27479 Improper Neutralization of Directives in Dynamically Evaluated Code in org.xwiki.platform:xwiki-platform-panels-ui
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper...
CVE-2022-27479 SQL injection vulnerability in chart data API
Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue...
CVE-2021-27479
ZOLL Defibrillator Dashboard, v prior to 2.2,The affected product’s web application could allow a low privilege user to inject parameters to contain malicious scripts to be executed by higher privilege users...
CVE-2021-27479
CVE-2021-27479 affects ZOLL Defibrillator Dashboard web application versions prior to 2.2. The vulnerability is a cross-site scripting (XSS) flaw where a low-privilege user can inject parameters that execute malicious scripts in higher-privilege sessions. Public data from Red Hat, NVD/NIST, CNVD,...