17 matches found
CVE-2025-29023
| creationtimestamp | type | source |
|---|---|---|
| 2025-12-11 04:29:45+00:00 | seen | https://gist.github.com/gugugu1364/76a5b46953118e1fb8f88f767b0e0dbe... |
CVE-2021-29023
InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is generated using a weak mechanism that is predictable...
Debian: Security Advisory (DLA-4136-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
CVE-2024-29023 Session Hijacking via token exposure on the session page in Xibo CMS
Xibo is an Open Source Digital Signage platform with a web content management system and Windows display player software. Session tokens are exposed in the return of session search API call on the sessions page. Subsequently they can be exfiltrated and used to hijack a session. Users must be...
CVE-2024-29023 Session Hijacking via token exposure on the session page in Xibo CMS
Xibo is an Open Source Digital Signage platform with a web content management system and Windows display player software. Session tokens are exposed in the return of session search API call on the sessions page. Subsequently they can be exfiltrated and used to hijack a session. Users must be...
CVE-2023-29023
| creationtimestamp | type | source |
|---|---|---|
| 2023-05-11 22:15:36+00:00 | seen | https://t.me/cibsecurity/63906... |
CVE-2023-29023
CVE-2023-29023 affects Rockwell Automation’s ArmorStart ST. The issue is a cross-site scripting vulnerability (improper input handling) that could allow a malicious user to view/modify sensitive data or render the web page unavailable, with exploitation requiring user interaction (e.g., phishing)...
CVE-2022-29023
A buffer overflow vulnerability in the razermouse driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a crafted buffer sent to the matrix_custom_frame device...
UBUNTU-CVE-2022-29023
A buffer overflow vulnerability in the razermouse driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a crafted buffer sent to the matrix_custom_frame device...
CVE-2022-29023
A buffer overflow vulnerability in the razermouse driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a crafted buffer sent to the matrix_custom_frame device...
CVE-2022-29023
CVE-2022-29023: A buffer overflow exists in the OpenRazer razermouse driver (affected up to v3.3.0) that can cause a Denial of Service and may allow privilege escalation via a crafted buffer sent to the matrix_custom_frame device. The Debian LTS advisory confirms this issue across OpenRazer driv...
CVE-2021-29023
InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is generated using a weak mechanism that is predictable...
CVE-2021-29023
InvoicePlane 1.5.11 is affected by a vulnerability where there is no rate limiting for password resets and the reset token is generated by a weak, predictable mechanism. Affected component is the password reset flow within InvoicePlane; root cause is lack of rate-limiting and weak token generatio...
CVE-2020-29023
| creationtimestamp | type | source |
|---|---|---|
| 2021-02-16 18:47:58+00:00 | seen | https://t.me/cibsecurity/23641... |
CVE-2020-29023
Improper Encoding or Escaping of Output from CSV Report Generator of Secomea GateManager allows an authenticated administrator to generate a CSV file that may run arbitrary commands on a victim's computer when opened in a spreadsheet program like Excel. This issue affects: Secomea GateManager all...
CVE-2020-29023
The CVE-2020-29023 issue affects Secomea GateManager (all versions prior to 9.3). The root cause is improper encoding/escaping in the CSV Report Generator, enabling CSV formula injection. An authenticated administrator can generate a CSV that, when opened in a spreadsheet (e.g., Excel), may execu...
cPanel Authorization Issues Vulnerability (CNVD-2019-29023)
cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. An authorization issue vulnerability exists in versions prior to cPanel 55.9999.141. The vulnerability stems from a lack...