29 matches found

Circl
added 2026/02/24 4:38 p.m., 2 views

CVE-2026-27507

creationtimestamp | type | source
---|---|---
2026-02-24 16:38:00+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mfmm3dxarr2v
2026-02-24 22:09:54+00:00 | seen | https://bsky.app/profile/postac001.bsky.social/post/3mfn6mtw4az2h
2026-03-01 22:00:15+00:00 | seen | ...

9.8 CVSS, 5.9 AI score, 0.00062 EPSS
Exploits: 1, References: 3

NVD
added 2026/02/24 4:24 p.m., 5 views

CVE-2026-27507

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows full administrative access to the device...

9.8 CVSS, 0.00062 EPSS
Exploits: 1, References: 2

Vulnrichment
added 2026/02/24 3:4 p.m., 3 views

CVE-2026-27507 Binardat 10G08-0800GSM Network Switch Hard-coded Credentials

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows full administrative access to the device...

9.8 CVSS, 5.9 AI score, 0.00062 EPSS
Exploits: 1, References: 2

RedhatCVE
added 2025/05/22 5:33 p.m., 6 views

CVE-2020-27507

The Kamailio SIP server before 5.5.0 mishandles INVITE requests with duplicated fields and overlength tag, leading to a buffer overflow that crashes the server or possibly has unspecified other impact...

9.8 CVSS, 7.9 AI score, 0.00412 EPSS
Exploits: 1

RedhatCVE
added 2025/03/06 5:49 p.m., 10 views

CVE-2025-27507

The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. ZITADEL's Admin API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users, without specific IAM roles, to modify sensitive settings. While...

9 CVSS, 7.2 AI score, 0.00373 EPSS
Exploits: 0, References: 1

Circl
added 2025/03/04 6:31 p.m., 4 views

CVE-2025-27507

creationtimestamp | type | source
---|---|---
2025-03-04 18:31:35+00:00 | seen | Telegram/1O5z91QcHmrjRz26b3O2xs57dQF3nVw-sSDMEN0aU64nGRA
2025-03-04 19:48:36+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114105890556873873
2025-03-04 20:01:42+00:00 | seen | ...

9 CVSS, 8.5 AI score, 0.00373 EPSS
Exploits: 0, References: 6

NVD
added 2025/03/04 5:15 p.m., 9 views

CVE-2025-27507

The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. ZITADEL's Admin API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users, without specific IAM roles, to modify sensitive settings. While...

9 CVSS, 0.00373 EPSS
Exploits: 0, References: 2

OSV
added 2025/03/04 4:43 p.m., 8 views

CVE-2025-27507 IDOR Vulnerabilities in ZITADEL's Admin API that Primarily Impact LDAP Configurations

The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. ZITADEL's Admin API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users, without specific IAM roles, to modify sensitive settings. While...

9 CVSS, 6.8 AI score, 0.00373 EPSS
Exploits: 0, References: 4

Vulnrichment
added 2025/03/04 4:43 p.m., 8 views

CVE-2025-27507 IDOR Vulnerabilities in ZITADEL's Admin API that Primarily Impact LDAP Configurations

The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. ZITADEL's Admin API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users, without specific IAM roles, to modify sensitive settings. While...

9 CVSS, 6.9 AI score, 0.00373 EPSS
Exploits: 0, References: 2

Cvelist
added 2025/03/04 4:43 p.m., 23 views

CVE-2025-27507 IDOR Vulnerabilities in ZITADEL's Admin API that Primarily Impact LDAP Configurations

The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. ZITADEL's Admin API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users, without specific IAM roles, to modify sensitive settings. While...

9 CVSS, 0.00373 EPSS
Exploits: 0, References: 2

Circl
added 2024/02/27 4:26 p.m., 2 views

CVE-2024-27507

creationtimestamp | type | source
---|---|---
2024-02-27 16:26:21+00:00 | seen | https://t.me/ctinow/194574
2024-02-27 16:32:20+00:00 | seen | https://t.me/ctinow/194583
2024-03-14 15:21:49+00:00 | seen | https://t.me/ctinow/207857...

7.5 CVSS, 7.3 AI score, 0.00125 EPSS
Exploits: 1, References: 3

NVD
added 2024/02/27 3:15 p.m., 7 views

CVE-2024-27507

libLAS 1.8.1 contains a memory leak vulnerability in /libLAS/apps/ts2las.cpp...

7.5 CVSS, 6.3 AI score, 0.00125 EPSS
Exploits: 1, References: 6

CVE
added 2024/02/27 12:0 a.m., 4176 views

CVE-2024-27507

Summary of CVE-2024-27507: A memory leak vulnerability in libLAS 1.8.1 affecting the component/file /libLAS/apps/ts2las.cpp. The issue is linked to the package libLAS 1.8.1 (LiDAR LAS format library). Fedora advisories indicate that updating to the git commit f1da555 (liblas-1.8.2-0.12.gitf1da55...

7.5 CVSS, 6.3 AI score, 0.00125 EPSS
Exploits: 1, References: 6, Affected Software: 1

OpenVAS
added 2023/05/31 12:0 a.m., 13 views

Debian: Security Advisory (DLA-3438-1)

The remote host is missing an update for the Debian...

9.8 CVSS, 9.6 AI score, 0.00412 EPSS
Exploits: 1, References: 3

Tenable Nessus
added 2023/05/30 12:0 a.m., 22 views

Debian dla-3438 : kamailio - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3438 advisory. Debian LTS Advisory DLA-3438-1 https://www.debian.org/lts/security/...

9.8 CVSS, 8.1 AI score, 0.00412 EPSS
Exploits: 1, References: 4

CVE
added 2023/05/23 12:0 a.m., 48 views

CVE-2023-27507

CVE-2023-27507 affects MicroEngine Mailform, versions 1.1.0 through 1.1.8. The root cause is a path traversal vulnerability in the file upload/server save logic, allowing a remote attacker to save arbitrary files on the server and execute them when the affected functions are enabled. Impact inclu...

9.8 CVSS, 9.5 AI score, 0.01855 EPSS
Exploits: 0, References: 2, Affected Software: 1

Vulnrichment
added 2023/05/23 12:0 a.m., 5 views

CVE-2023-27507

MicroEngine Mailform version 1.1.0 to 1.1.8 contains a path traversal vulnerability. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it...

9.7 AI score, 0.01855 EPSS
Exploits: 0, References: 2

OSV
added 2023/04/14 5:20 p.m., 4 views

USN-6022-1 kamailio vulnerabilities

It was discovered that Kamailio did not properly sanitize SIP messages under certain circumstances. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and 18.04 ESM. CVE-2018-16657 It was discovered...

9.8 CVSS, 7.5 AI score, 0.00921 EPSS
Exploits: 2, References: 3

Ubuntu
added 2023/04/14 5:20 p.m., 61 views

USN-6022-1: Kamailio vulnerabilities

It was discovered that Kamailio did not properly sanitize SIP messages under certain circumstances. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and 18.04 ESM. CVE-2018-16657 It was discovered...

9.8 CVSS, 8.6 AI score, 0.00921 EPSS
Exploits: 2

Circl
added 2023/03/15 11:30 p.m., 2 views

CVE-2020-27507

creationtimestamp | type | source
---|---|---
2023-03-15 23:30:08+00:00 | seen | https://t.me/cibsecurity/60090
2025-03-02 11:44:19+00:00 | seen | Telegram/fyzFqjuXCkdPmO83bEGfiGYI8venyJkbQsk1XacvxPClMfq...

9.8 CVSS, 7.8 AI score, 0.00412 EPSS
Exploits: 1, References: 1