26 matches found
CVE-2026-27509
Unitree Go2 firmware versions V1.1.7 through V1.1.9, and V1.1.11 EDU do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programmingactuator/request handled by actuatormanager.py. A network-adjacent, unauthenticated attacker can join DDS domain 0 and publi...
CVE-2026-27509
creationtimestamp| type| source
---|---|---
2026-02-26 19:28:10+00:00| seen| https://bsky.app/profile/r-netsec-bot.bsky.social/post/3mfrwjim45725
2026-02-26 20:39:33+00:00| seen| https://bsky.app/profile/r-netsec.bsky.social/post/3mfs2j4uxcn2u
2026-02-27 08:52:53+00:00| seen|...
CVE-2021-27509
In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code...
EUVD-2023-27509
Malicious code in bioql PyPI...
CVE-2020-27509
Persistent XSS in Galaxkey Secure Mail Client in Galaxkey up to 5.6.11.5 allows an attacker to perform an account takeover by intercepting the HTTP Post request when sending an email and injecting a specially crafted XSS payload in the 'subject' field. The payload executes when the recipient logs...
CVE-2025-27509
fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time (JIT) provisioning is enabled, or create new...
CVE-2025-27509 SAML authentication vulnerability due to improper SAML response validation
fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time (JIT) provisioning is enabled, or create new...
CVE-2025-27509
Fleet has a SAML authentication vulnerability (CVE-2025-27509) due to improper SAML response validation in fleetdm/fleet. In vulnerable versions, an attacker could forge authentication assertions, potentially provisioning a new administrative user under JIT provisioning or creating accounts tied ...
CVE-2023-27509
creationtimestamp| type| source
---|---|---
2023-08-11 07:29:28+00:00| seen| https://t.me/cibsecurity/68292...
CVE-2023-27509
Improper access control in some Intel® ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access...
CVE-2023-27509
CVE-2023-27509 affects Intel® ISPC software installers for Windows prior to version 1.19.0, due to improper access control that may allow an authenticated user to escalate privileges via local access. Intel advisory (Intel-SA-00849) documents the vulnerability with CVSS v3.1 base score 6.6 (AV:L/...
Intel® ISPC Software Installer Advisory
Summary: A potential security vulnerability in some Intel® Implicit SPMD Program Compiler (ISPC) software installers may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-27509 Description: Improper...
CVE-2022-27509
creationtimestamp| type| source
---|---|---
2022-07-28 18:12:35+00:00| seen| https://t.me/cibsecurity/47205...
CVE-2022-27509
Unauthenticated redirection to a malicious website...
CVE-2022-27509
CVE-2022-27509 describes an unauthenticated redirect vulnerability in Citrix ADC and Citrix Gateway. A victim user clicking an attacker-crafted link can be redirected to a malicious website due to insufficient data authenticity verification (CWE-345). Affected appliance versions include Citrix AD...
CVE-2022-27509 Unauthenticated redirection to a malicious website
Unauthenticated redirection to a malicious website...