20 matches found
CVE-2026-32248
creationtimestamp| type| source ---|---|--- 2026-03-12 22:17:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgvgiq367b2x 2026-03-13 07:32:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116220700178176253 2026-03-13 08:10:06+00:00| seen|...
CVE-2026-32248 Parse Server: Account takeover via operator injection in authentication data identifier
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.12 and 8.6.38, an unauthenticated attacker can take over any user account that was created with an authentication provider that does not validate the format of the user...
CVE-2022-32248
Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA - version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the database. This leads to an impact on the integrity of the data...
CVE-2025-32248
Cross-Site Request Forgery CSRF vulnerability in SwiftXR SwiftXR 3D/AR/VR Viewer swiftxr-3darvr-viewer allows Cross Site Request Forgery.This issue affects SwiftXR 3D/AR/VR Viewer: from n/a through = 1.0.7...
CVE-2025-32248
Cross-Site Request Forgery CSRF vulnerability in SwiftXR SwiftXR 3D/AR/VR Viewer swiftxr-3darvr-viewer allows Cross Site Request Forgery.This issue affects SwiftXR 3D/AR/VR Viewer: from n/a through = 1.0.7...
CVE-2025-32248
Technical details for CVE-2025-32248 are not provided in the connected documents; no root-cause, affected components, exploit data, or fixes are included. Monitor for updates.
CVE-2025-32248 WordPress SwiftXR (3D/AR/VR) Viewer plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in SwiftXR SwiftXR 3D/AR/VR Viewer allows Cross Site Request Forgery. This issue affects SwiftXR 3D/AR/VR Viewer: from n/a through 1.0.7...
CVE-2025-32248 WordPress SwiftXR (3D/AR/VR) Viewer plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in SwiftXR SwiftXR 3D/AR/VR Viewer swiftxr-3darvr-viewer allows Cross Site Request Forgery.This issue affects SwiftXR 3D/AR/VR Viewer: from n/a through = 1.0.7...
WordPress SwiftXR (3D/AR/VR) Viewer plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Affan Ali - @MuslimFromPK in WordPress Plugin SwiftXR 3D/AR/VR Viewer versions = 1.0.7...
Linux Distros Unpatched Vulnerability : CVE-2023-32248
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2TREECONNECT and...
CBL Mariner 2.0 Security Update: kernel (CVE-2023-32248)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-32248 advisory. - A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw...
CVE-2023-32248 affecting package kernel for versions less than 5.15.126.1-1
CVE-2023-32248 affecting package kernel for versions less than 5.15.126.1-1. A patched version of the package is available...
CVE-2023-32248
creationtimestamp| type| source ---|---|--- 2023-07-24 20:26:27+00:00| seen| https://t.me/cibsecurity/67171...
AZL-27760 CVE-2023-32248 affecting package kernel for versions less than 5.15.126.1-1
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2TREECONNECT and SMB2QUERYINFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this...
CVE-2023-32248
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2TREECONNECT and SMB2QUERYINFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this...
CVE-2023-32248
CVE-2023-32248 describes a flaw in the Linux kernel’s ksmbd (the in-kernel SMB server) related to the handling of SMB2_TREE_CONNECT and SMB2_QUERY_INFO. The issue stems from the lack of proper validation of a pointer before access, which attackers can leverage to cause a denial-of-service conditi...
CVE-2023-32248 Tree connection null pointer dereference denial-of-service vulnerability
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2TREECONNECT and SMB2QUERYINFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this...
CVE-2022-32248
Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA - version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the database. This leads to an impact on the integrity of the data...
CVE-2022-32248
CVE-2022-32248 describes an input validation error in SAP S/4HANA (Manage Checkbooks component) affecting versions 101–106. The issue allows an attacker to insert or edit the value of an existing database field, leading to data integrity impact. The CVSS shows a network attack vector, no authenti...
CentOS Web Panel Input Validation Error Vulnerability (CNVD-2019-32248)
CentOS Web Panel CWP is a free web hosting control panel. An input validation error vulnerability exists in CentOS Web Panel version 0.9.8.851, which can be exploited by an attacker to delete an affected user's mail account...