17 matches found
CVE-2025-27563
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission...
CVE-2025-27563
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission...
CVE-2025-27563 security_access_token has an improper preservation of permissions vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission...
CVE-2025-27563
OpenHarmony vulnerability CVE-2025-27563 affects OpenHarmony v5.0.3 and earlier. A local attacker can cause information leakage due to improper preservation of permissions when accessing the get permission. The issue is explicitly described across multiple sources as a local information leak with...
CVE-2025-27563 security_access_token has an improper preservation of permissions vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission...
CVE-2023-27563
The n8n package 0.218.0 for Node.js allows Escalation of Privileges...
CVE-2024-27563
creationtimestamp| type| source ---|---|--- 2024-03-05 18:27:07+00:00| seen| https://t.me/ctinow/200546 2024-03-05 18:27:13+00:00| seen| https://t.me/ctinow/200552...
CVE-2024-27563
A Server-Side Request Forgery SSRF in the getFileFromRepo function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter...
CVE-2024-27563
CVE-2024-27563 is an SSRF in WonderCMS v3.1.3, traced to the getFileFromRepo function. The flaw lets an attacker coerce the application to make arbitrary outbound requests by injecting crafted URLs into the pluginThemeUrl parameter. Affected software: WonderCMS 3.1.3 (PHP-based CMS). Root cause: ...
CVE-2023-27563
creationtimestamp| type| source ---|---|--- 2023-05-10 18:19:34+00:00| seen| https://t.me/cibsecurity/63751 2025-01-28 03:22:55+00:00| seen| Telegram/6iaewjPdbCDRdiqhBPlwojJn5HWNVd503rhzISLQnTtYyCl...
n8n-nodes-accelo (>=0.1.0 <=0.1.9), n8n-nodes-closeio (=0.1.0) +7 more potentially affected by CVE-2023-27563 via n8n (>=0.138.0 <=0.214.5)
n8n NPM version =0.138.0, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.1.7 Source cves: CVE-2023-27563 Source advisory: OSV:GHSA-97CP-MR4M-9MCF...
CVE-2023-27563
The CVE-2023-27563 entry concerns the n8n package 0.218.0 for Node.js. A root cause described in connected sources is a lack of object checks when merging user-supplied fields with the server object in the updateCurrentUser path (MeController), enabling an authenticated user to escalate privilege...
CVE-2023-27563
The n8n package 0.218.0 for Node.js allows Escalation of Privileges...
CVE-2023-27563
The n8n package 0.218.0 for Node.js allows Escalation of Privileges...
CVE-2022-27563
creationtimestamp| type| source ---|---|--- 2022-08-31 02:36:03+00:00| seen| https://t.me/cibsecurity/49087...
CVE-2022-27563
CVE-2022-27563 affects HCL VersionVault Express. An unauthenticated attacker can overload a section of VersionVault Express, producing a denial-of-service condition. Public references in the dataset cite affected versions (e.g., HCL VersionVault Express 2.0.1/2.1.0 in CNVD) and describe the impac...
CVE-2022-27563 Overload/denial of service affects HCL VersionVault Express
An unauthenticated user can overload a part of HCL VersionVault Express and cause a denial of service...