CVE-2026-27648

in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps...

CVE-2026-27648

OpenHarmony WebWebView component on OpenHarmony v6.0 and earlier is affected by an out-of-bounds write vulnerability that enables remote code execution in pre-installed apps. Affected: web_webview in OpenHarmony before/including v6.0. Root cause: out-of-bounds write (details not enumerated beyond...

CVE-2022-27648

This vulnerability allows remote attackers to execute arbitrary code on affected installations of KOYO Screen Creator 0.1.1.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2023-27648

Directory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary code via the dex file in the internal storage...

CVE-2025-27648

creationtimestamp| type| source ---|---|--- 2025-03-06 00:00:18+00:00| seen| https://bsky.app/profile/vulnalerts.bsky.social/post/3ljo6sa7rnv2b 2025-03-06 02:16:25+00:00| seen| Telegram/Ny94pmHLeutDxh0sf5gPgGBHz5a4ga4NWnjBeNx2vKLtBwX 2025-03-06 12:00:12+00:00| seen|...

CVE-2025-27648

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.913 Application 20.0.2253 allows Cross Tenant Password Exposure V-2024-003...

CVE-2025-27648

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.913 Application 20.0.2253 allows Cross Tenant Password Exposure V-2024-003...

Synology DiskStation Manager Improper Certificate Validation (CVE-2020-27648)

Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager DSM before 6.2.3-25426-2 allows man-in- the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. This plugin only works with Tenable.ot. Please visit...

CVE-2023-27648

creationtimestamp| type| source ---|---|--- 2023-04-14 16:26:02+00:00| seen| https://t.me/cibsecurity/62134...

CVE-2023-27648

Directory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary code via the dex file in the internal storage...

CVE-2023-27648

CVE-2023-27648: A directory traversal vulnerability affects T-ME Studios Change Color of Keypad v1.275.1.277. The flaw enables a remote attacker to execute arbitrary code via a dex file stored in internal storage. Severity is reflected as CRITICAL (CVSS 3.1, base score 9.8). Root cause involves u...

CVE-2022-27648

CVE-2022-27648 affects KOYO Screen Creator 0.1.1.1. The flaw is in parsing of SCA2 files where the length of user-supplied data is not validated before copying to a fixed-length stack-based buffer, enabling remote code execution when a user visits a malicious page or opens a malicious file. Attac...

CVE-2022-27648

This vulnerability allows remote attackers to execute arbitrary code on affected installations of KOYO Screen Creator 0.1.1.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Synology DiskStation Manager (DSM) 6.2.x < 6.2.3-25426-2 Multiple Vulnerabilities (Synology-SA-20:18) - Remote Known Vulnerable Versions Check

Synology DiskStation Manager DSM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Synology DiskStation Manager (DSM) 6.2.x < 6.2.3-25426-2 Multiple Vulnerabilities (Synology-SA-20:18) - Unreliable Remote Version Check

Synology DiskStation Manager DSM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2021-27648

Externally controlled reference to a resource in another sphere in quarantine functionality in Synology Antivirus Essential before 1.4.8-2801 allows remote authenticated users to obtain privilege via unspecified vectors...

CVE-2021-27648

Synology Antivirus Essential prior to 1.4.8-2801 is affected. The issue arises from an externally controlled reference to a resource in quarantine functionality, enabling remote authenticated users to obtain privileges via unspecified vectors. Affected component: quarantine logic handling externa...

CVE-2020-27648

CVE-2020-27648 affects Synology DiskStation Manager (DSM) via the OpenVPN client before 6.2.3-25426-2. The issue is improper certificate validation in the OpenVPN client, enabling MITM attackers to spoof servers and obtain sensitive information with a crafted certificate. Public disclosures in th...