CVE-2026-27912 Windows Kerberos Elevation of Privilege Vulnerability

...

CVE-2026-27912

creationtimestamp| type| source ---|---|--- 2026-04-14 15:49:19+00:00| seen| https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review 2026-04-14 20:08:23+00:00| seen| Telegram/qc8EuM8RoJB0nEWybUd-c6JLjAlz3LHwHn05WKBBSScH1U 2026-04-14 20:08:37+00:00| seen|...

EUVD-2023-27912

Malicious code in bioql PyPI...

CVE-2025-27912

An issue was discovered in Datalust Seq before 2024.3.13545. Missing Content-Type validation can lead to CSRF when 1 Entra ID or OpenID Connect authentication is in use and a user visits a compromised/malicious site, or 2 when username/password or Active Directory authentication is in use and a...

CVE-2025-27912

creationtimestamp| type| source ---|---|--- 2025-03-11 08:38:55+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7120 2025-03-11 09:31:03+00:00| seen| Telegram/VmMuGE7Rb8M0CTKtbBCx8A-ZtXlhfTER7CBMGSEtWA4Slk 2025-03-11 09:48:37+00:00| seen|...

CVE-2025-27912

An issue was discovered in Datalust Seq before 2024.3.13545. Missing Content-Type validation can lead to CSRF when 1 Entra ID or OpenID Connect authentication is in use and a user visits a compromised/malicious site, or 2 when username/password or Active Directory authentication is in use and a...

CVE-2025-27912

An issue was discovered in Datalust Seq before 2024.3.13545. Missing Content-Type validation can lead to CSRF when 1 Entra ID or OpenID Connect authentication is in use and a user visits a compromised/malicious site, or 2 when username/password or Active Directory authentication is in use and a...

CVE-2025-27912

CVE-2025-27912 affects Datalust Seq prior to 2024.3.13545. The issue is caused by missing Content-Type validation, enabling CSRF when a user authenticated via Entra ID/OpenID Connect, or via username/password/AD, visits a malicious site on the same TLD as the Seq server. Exploitation could allow ...

CVE-2024-27912

A denial of service vulnerability was reported in some Lenovo Printers that could allow an attacker to cause the device to crash by sending crafted LPD packets...

CVE-2023-27912

creationtimestamp| type| source ---|---|--- 2023-04-14 22:26:00+00:00| seen| https://t.me/cibsecurity/62174...

CVE-2023-27912

A maliciously crafted XB file when parsed through Autodesk® AutoCAD® 2023 can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process...

CVE-2023-27912

CVE-2023-27912 affects Autodesk AutoCAD 2023, where parsing a malicious X_B file can trigger an Out-of-Bounds Read, potentially causing a crash, exposing data, or allowing arbitrary code execution in the current process. Affected component: X_B parsing in AutoCAD 2023. Root cause: out-of-bounds r...

Joomla! 4.0.0 - 4.2.3 Multiple Vulnerabilities

Joomla! is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla"; ifdescription...

CVE-2022-27912

creationtimestamp| type| source ---|---|--- 2022-10-25 22:26:48+00:00| seen| https://t.me/cibsecurity/52066...

CVE-2022-27912

An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests...

CVE-2022-27912

CVE-2022-27912 affects Joomla! 4.0.0–4.2.3; publicly enabled debug mode leaks data from previous requests (BIT-JOOMLA notes it may include full request payloads, including passwords). Mitigation: disable public debug mode and upgrade to Joomla! 4.2.4 or later.

CVE-2022-27912 [20221001] - Core - Debug Mode leaks full request payloads including passwords

An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests...

Joomla 4.0.x < 4.2.4 Multiple Vulnerabilities (5870-joomla-4-2-4-security-release)

According to its self-reported version, the instance of Joomla! running on the remote web server is 4.0.x prior to 4.2.4. It is, therefore, affected by multiple vulnerabilities. - Joomla 4 sites with publicly enabled debug mode exposed data of previous requests. CVE-2022-27912 - Inadequate...

CVE-2021-27912

The CVE-2021-27912 entry describes an inline JavaScript XSS vulnerability in Mautic assets that affects versions before 3.3.4/4.0.0. An authenticated user with permission to create or edit assets can leverage inline JS in asset titles and a broken image URL to perform the attack. The most consist...

macOS 10.14.x < 10.14.6 Security Update 2020-007 / 10.15.x < 10.15.7 Security Update 2020-001 / macOS 11.x < 11.1 (HT212011)

The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.6 Security Update 2020-007 Mojave, 10.15.x prior to 10.15.7 Security Update 2020-001 Catalina, or 11.x prior to 11.1. It is, therefore, affected by multiple vulnerabilities, including the following: - Processi...