CVE-2024-27890

creationtimestamp| type| source ---|---|--- 2026-06-04 23:37:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnis6aopqb2o 2026-06-05 02:04:03+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mnj2djhret23...

CVE-2024-27890

CVE-2024-27890 affects Arista EOS platforms with OpenConfig enabled; a gNMI Set request can be accepted when it should be rejected, causing unexpected configuration changes. Affected EOS versions include 4.29.x (≤4.29.7M), 4.28.x (≤4.28.10M), 4.27.x (≤4.27.8M), 4.26.x (≤4.26.9M), 4.25.x (≤4.25.10...

CVE-2024-27890 On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (No SSL Profiles Enabled).

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

CVE-2026-27890

creationtimestamp| type| source ---|---|--- 2026-04-17 20:00:33+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjppngjaeg26 2026-04-17 21:22:32+00:00| seen| Telegram/1afGr9vW06Zk0J3YeUW4MdlUf8TA53EPyuLeVgpLZqfvxp8 2026-04-17 21:38:56+00:00| seen|...

UBUNTU-CVE-2026-27890

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCTspecificdata segments during authentication, the server assumes segments arrive in strictly ascending order. If segments arrive out of order, the Array class's grow...

PT-2025-35594

🟠 WhatsApp for iOS, Incomplete Authorization, CVE-2025-27890 Medium https://t.co/sEWb1FluxH...

CVE-2021-27890

SQL Injection vulnerablity in MyBB before 1.8.26 via theme properties included in theme XML files...

CVE-2023-27890

The Export User plugin through 2.0 for MyBB allows XSS during the process of an admin generating DSGVO data for a user, via the Custom User Title, Location, or Bio field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2023-27890

The Export User plugin through 2.0 for MyBB allows XSS during the process of an admin generating DSGVO data for a user, via the Custom User Title, Location, or Bio field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

MyBB Export User 2.0 Cross Site Scripting

Exploit Title: MyBB Export User Plugin 2.0 – Cross-Site Scripting Date: January 29, 2021 Author: 0xB9 Twitter: @0xB9sec Software Link: https://community.mybb.com/mods.php?action=view&pid=1408 Version: 2.0 Tested On: Windows 10 CVE: CVE-2023-27890 Description: This plugin allows users to request...

CVE-2022-27890

creationtimestamp| type| source ---|---|--- 2023-02-16 18:12:26+00:00| seen| https://t.me/cibsecurity/58321...

CVE-2022-27890

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack wou...

CVE-2022-27890

CVE-2022-27890 concerns the sls-logging component, where hostname verification in TLS certificates was compromised by a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious actor in a privileged network position could abuse this to perform a man-in-the-middle attack, allowing interceptio...

MyBB 1.8.25 - Chained Remote Command Execution

Exploit Title: MyBB 1.8.25 - Chained Remote Command Execution Exploit Author: SivertPL [email protected] Date: 19.03.2021 Description: Nested autourl Stored XSS - templateset second order SQL Injection leading to RCE through improper string interpolation in eval. Software Link:...

CVE-2021-27890

SQL Injection vulnerablity in MyBB before 1.8.26 via theme properties included in theme XML files...

CVE-2021-27890

Summary of CVE-2021-27890 (MyBB SQL Injection) Affects MyBB versions prior to 1.8.26, where a SQL injection vulnerability exists via theme properties included in theme XML files. The issue is described as a SQL Injection vulnerability without publicly detailed exploit steps in the initial descrip...

CVE-2020-27890

The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Write Attributes No Response message. It crashes in zclParseInWriteCmd and does not update the specific attribute's value...

CVE-2020-27890

The vulnerability CVE-2020-27890 affects TI CC2538 devices using Z-Stack 3.0.1, where the Zigbee ZCL Write Attributes No Response message is not processed correctly. The issue causes a crash in zclParseInWriteCmd() and prevents updating the targeted attribute’s value, potentially leaving the attr...