17 matches found
CVE-2025-27505
creationtimestamp| type| source ---|---|--- 2025-07-10 20:15:34+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-27505.yaml 2025-07-14 21:02:22+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3ltxbwwatkv2p 2025-07-24...
CVE-2025-27505
GeoServer is an open source server that allows users to share and edit geospatial data. It is possible to bypass the default REST API security and access the index page. The REST API security handles rest and its subpaths but not rest with an extension e.g., rest.html. The REST API index can...
CVE-2025-27505
GeoServer contains a REST API index authorization bypass vulnerability (CVE-2025-27505). The REST security excludes paths with extensions (for example rest.html), allowing unauthenticated access to the REST API Index and potentially revealing installed extensions and API endpoints. Affected codep...
CVE-2023-27505
creationtimestamp| type| source ---|---|--- 2023-08-11 07:32:35+00:00| seen| https://t.me/cibsecurity/68317...
CVE-2023-27505
Incorrect default permissions in some IntelR Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2023-27505
Incorrect default permissions in some IntelR Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2023-27505
Incorrect default permissions in some IntelR Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2023-27505
Intel’s advisory CVE-2023-27505 applies to Intel® Advanced Link Analyzer Standard Edition installers prior to version 22.1.1, where incorrect default permissions may allow an authenticated user to escalate privileges via local access. The vulnerability affects the installer component and is rated...
Intel® Advanced Link Analyzer Advisory
Summary: A potential security vulnerability in some Intel® Advanced Link Analyzer Standard Edition software installers may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-27505 Description: Incorre...
CVE-2021-27505
creationtimestamp| type| source ---|---|--- 2022-05-13 20:27:08+00:00| seen| https://t.me/cibsecurity/42685...
CVE-2021-27505 mySCADA myPRO Exposure of Information Through Directory Listing
mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive directory listing information...
CVE-2021-27505
CVE-2021-27505 affects mySCADA myPRO prior to 8.20.0. The exposed issue is Exposure of Information Through Directory Listing due to improper access control, allowing unauthorized read access to sensitive directory listing information. Affected product: myPRO (industrial HMI/SCADA) with versions b...
CVE-2021-27505 mySCADA myPRO Exposure of Information Through Directory Listing
mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive directory listing information...
CVE-2022-27505
Reflected cross site scripting XSS...
CVE-2022-27505
Reflected cross site scripting XSS...
CVE-2022-27505
Citrix SD-WAN is affected by CVE-2022-27505 (Reflected XSS). The issue affects Citrix SD-WAN Standard/Premium Edition Appliance, with exploitation requiring a valid active session on the vulnerable device. Affected versions are before 11.4.3a. The root cause is improper input validation/filtering...
Citrix SD-WAN Security Bulletin for CVE-2022-27505 and CVE-2022-27506
Vulnerabilities have been discovered in multiple Citrix SD-WAN products. These vulnerabilities, if exploited, could result in the following security issues: CVE-ID| Description| CWE| Affected Products| Pre-conditions ---|---|---|---|--- CVE-2022-27505| Reflected cross site scriptingXSS| CWE-79:...