17 matches found
CVE-2026-27895 LAM has incorrect regular expression in PDF export component that allows user to upload files of any type
LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly validate uploaded file extensions. This way any file type including .php files can be uploaded. With...
CVE-2026-27895
LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly validate uploaded file extensions. This way any file type including .php files can be uploaded. With...
EUVD-2023-27895
Malicious code in bioql PyPI...
CVE-2023-27895
SAP Authenticator for Android - version 1.3.0, allows the screen to be captured, if an authorized attacker installs a malicious app on the mobile device. The attacker could extract the currently views of the OTP and the secret OTP alphanumeric token during the token setup. On successful...
CVE-2022-27895
creationtimestamp| type| source ---|---|--- 2025-04-29 20:12:23+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13904...
CVE-2024-27895
creationtimestamp| type| source ---|---|--- 2025-03-28 20:29:04+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9461...
CVE-2024-27895
Vulnerability of permission control in the window module. Successful exploitation of this vulnerability may affect confidentiality...
CVE-2024-27895
Vulnerability of permission control in the window module. Successful exploitation of this vulnerability may affect confidentiality...
CVE-2023-27895
SAP Authenticator for Android (version 1.3.0) is reported to expose OTP-related data when a malicious app is installed on a device, allowing screen capture during token setup. The attacker could read the currently viewed OTP and the secret OTP alphanumeric token, but cannot modify or delete data....
CVE-2023-27895 Information Disclosure vulnerability in SAP Authenticator for Android
SAP Authenticator for Android - version 1.3.0, allows the screen to be captured, if an authorized attacker installs a malicious app on the mobile device. The attacker could extract the currently views of the OTP and the secret OTP alphanumeric token during the token setup. On successful...
CVE-2023-27895 Information Disclosure vulnerability in SAP Authenticator for Android
SAP Authenticator for Android - version 1.3.0, allows the screen to be captured, if an authorized attacker installs a malicious app on the mobile device. The attacker could extract the currently views of the OTP and the secret OTP alphanumeric token during the token setup. On successful...
CVE-2022-27895 A component in Foundry logging was found to be capturing sensitive information in logs.
Information Exposure Through Log Files vulnerability discovered in Foundry when logs were captured using an underlying library known as Build2. This issue was present in versions earlier than 1.785.0. Upgrade to Build2 version 1.785.0 or greater...
CVE-2022-27895 A component in Foundry logging was found to be capturing sensitive information in logs.
Information Exposure Through Log Files vulnerability discovered in Foundry when logs were captured using an underlying library known as Build2. This issue was present in versions earlier than 1.785.0. Upgrade to Build2 version 1.785.0 or greater...
CVE-2022-27895
CVE-2022-27895 concerns an information exposure in Palantir Foundry due to logging behavior when using the Build2 library. The issue affects Foundry versions prior to Build2 1.785.0, where sensitive information could be captured in log files. Publicly available details in the CVE description indi...
CVE-2020-27895
creationtimestamp| type| source ---|---|--- 2020-12-09 00:36:30+00:00| seen| https://t.me/cibsecurity/17305 2020-12-09 07:34:46+00:00| seen| https://t.me/cibsecurity/17447...
CVE-2020-27895
An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs...
CVE-2020-27895
CVE-2020-27895 is an information-disclosure issue in the transition of program state that is addressed in iTunes 12.11 for Windows. The Apple security content describes a local-access impact where a malicious application may be able to read local user Apple IDs, tied to a broader set of Windows S...