CVE-2022-29827

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project files or execute programs illegally...

CVE-2021-29827

IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks again...

CVE-2025-29827

Improper Authorization in Azure Automation allows an authorized attacker to elevate privileges over a network...

CVE-2025-29827

Improper authorization in Azure Automation allows an authorized attacker to elevate privileges over a network...

CVE-2025-29827

creationtimestamp| type| source ---|---|--- 2025-05-08 22:25:00+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15632 2025-05-08 22:42:44+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114474625505155153 2025-05-08 23:15:53+00:00| seen|...

CVE-2022-29827

creationtimestamp| type| source ---|---|--- 2025-04-25 18:08:17+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13485...

Security Bulletin: A vulnerability affects IBM Db2 Big SQL on Cloud Pak for Data

Summary A vulnerability in the node.js ejs module affects IBM Db2 Big SQL 7.4 and earlier on Cloud Pak for Data 4.6 and earlier Vulnerability Details CVEID:CVE-2023-29827 DESCRIPTION: Node.js ejs module could allow a remote authenticated attacker to execute arbitrary code on the system, caused by...

CVE-2021-29827

IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks again...

CVE-2021-29827

creationtimestamp| type| source ---|---|--- 2024-12-18 23:50:43+00:00| seen| https://infosec.exchange/users/cve/statuses/113676507100184453 2024-12-19 02:15:26+00:00| seen| https://t.me/cvedetector/13293...

CVE-2021-29827

CVE-2021-29827 | IBM InfoSphere Information Server 11.7 suffers a cross-frame scripting (clickjacking) vulnerability. A remote attacker could entice a user to a malicious page to hijack the user’s click actions, potentially enabling further attacks. Affected product/version: InfoSphere Informatio...

CVE-2024-29827

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code...

CVE-2024-29827

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code...

CVE-2024-29827

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code...

CVE-2024-29827

CVE-2024-29827 is an SQL injection vulnerability in the Core server of Ivanti Endpoint Manager (EPM) 2022 SU5 and earlier. An unauthenticated, adjacent-network attacker can execute arbitrary code due to improper input handling in the Core server (PTSecurity notes involve the GetDBPatchProducts fu...

CVE-2024-29827

creationtimestamp| type| source ---|---|--- 2024-05-23 11:23:46+00:00| seen| https://t.me/thehackernews/5000 2024-05-23 11:51:37+00:00| seen| Telegram/4Vyo8nhBuKQ9xdInnoTG2Gzp0fS9UGeTbDwzP8ZNAtB6jA 2024-05-23 11:51:37+00:00| seen| https://t.me/tengkorakcybercrewz/8404 2024-05-23 11:51:37+00:00|...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js ejs module code execution vulnerability( CVE-2023-29827)

Summary Potential Node.js ejs module code execution vulnerability CVE-2023-29827 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-29827 DESCRIPTION: Node.js ejs module could allow...

CVE-2023-29827

creationtimestamp| type| source ---|---|--- 2023-05-04 18:33:20+00:00| seen| https://t.me/cibsecurity/63298 2026-05-27 19:48:15+00:00| seen| https://bsky.app/profile/andresbohren.bsky.social/post/3mmubm7gb3s22...

CVE-2023-29827

CVE-2023-29827 affects ejs 3.1.9; vulnerability is a server-side template injection when the closeDelimiter parameter is controllable. Vendor disputes the exploitability since render may not be used with untrusted input. Impact is described as high (CVSS v3.1 base 9.8) with network access, no use...

CVE-2023-29827

ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. NOTE: this is disputed by the vendor because the render function is not intended to be used with...

CVE-2023-29827

ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. NOTE: this is disputed by the vendor because the render function is not intended to be used with...