CVE-2025-14491

CVE-2025-14491 affects RealDefense SUPERAntiSpyware. The issue resides in the SAS Core Service and is caused by an exposed dangerous function, enabling a local attacker who can run low-privileged code to escalate privileges to SYSTEM and execute arbitrary code. The vulnerability is tied to ZDI ad...

CVE-2025-27660

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Cross Site Scripting OVE-20230524-0003...

CVE-2025-27660

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Cross Site Scripting OVE-20230524-0003...

CVE-2025-27660

Vulnerability CVE-2025-27660 affects Vasion Print (formerly PrinterLogic) prior to Virtual Appliance Host 22.0.843 and Application 20.0.1923, allowing Cross Site Scripting (XSS) via OVE-20230524-0003. The connected documents confirm the affected product and the XSS outcome but do not provide expl...

CVE-2024-27660

creationtimestamp| type| source ---|---|--- 2024-02-29 21:31:53+00:00| seen| https://t.me/ctinow/197044...

CVE-2024-27660

CVE-2024-27660 affects the D-Link DIR-823G, specifically the A1V1.0.2B05 firmware. The issue is a None/Null-pointer dereference in function sub_41C488(), which can be triggered by crafted input to cause a Denial of Service. Documents consistently describe this vulnerability and its impact as DoS ...

CVE-2022-27660

CVE-2022-27660 — TCL LinkHub Mesh Wi‑Fi MS1G_00_01.00_14 A denial of service vulnerability exists in confctl_set_guest_wlan. TALOS reports that a specially-crafted Protobuffer packet sent to port 9003 can trigger DoS, and that the vulnerability can be exploited without authentication over either ...

TCL LinkHub Mesh Wifi confctl_set_guest_wlan denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1502 TCL LinkHub Mesh Wifi confctlsetguestwlan denial of service vulnerability August 1, 2022 CVE Number CVE-2022-27660 SUMMARY A denial of service vulnerability exists in the confctlsetguestwlan functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A...

CVE-2021-27660

An insecure client auto update feature in C-CURE 9000 can allow remote execution of lower privileged Windows programs...

CVE-2021-27660

CVE-2021-27660 affects Johnson Controls C-CURE 9000. The vulnerability arises from an insecure client auto-update feature (improper input validation CWE-20) that can enable remote execution of lower-privileged Windows programs. Impact is high (C/H/I/H/A/H) with network vector and low attack compl...

Sensormatic Electronics C-CURE 9000 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: C-CURE 9000 Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...

CVE-2020-27660

creationtimestamp| type| source ---|---|--- 2020-11-30 12:52:47+00:00| seen| https://t.me/cibsecurity/16925...

CVE-2020-27660

SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter...

CVE-2020-27660

SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter...

CVE-2020-27660

CVE-2020-27660 is an SQL injection in Synology SafeAccess’ request.cgi that accepts a domain parameter and constructs an SQL query without proper escaping, enabling remote attackers to execute arbitrary SQL. The linked TALOS advisory TALOS-2020-1087 describes a SafeAccess SRM 1.2.1-0220 package s...