15 matches found
CVE-2023-32354
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. An app may be able to disclose kernel memory...
CVE-2022-32354
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=user/manageuser=...
CVE-2025-32354
creationtimestamp| type| source ---|---|--- 2025-04-29 19:20:42+00:00| seen| https://t.me/cvedetector/24023...
CVE-2025-32354
In Zimbra Collaboration ZCS 9.0 through 10.1, a Cross-Site Request Forgery CSRF vulnerability exists in the GraphQL endpoint /service/extension/graphql of Zimbra webmail due to a lack of CSRF token validation. This allows attackers to perform unauthorized GraphQL operations, such as modifying...
CVE-2025-32354
In Zimbra Collaboration ZCS 9.0 through 10.1, a Cross-Site Request Forgery CSRF vulnerability exists in the GraphQL endpoint /service/extension/graphql of Zimbra webmail due to a lack of CSRF token validation. This allows attackers to perform unauthorized GraphQL operations, such as modifying...
CVE-2025-32354
In Zimbra Collaboration ZCS 9.0 through 10.1, a Cross-Site Request Forgery CSRF vulnerability exists in the GraphQL endpoint /service/extension/graphql of Zimbra webmail due to a lack of CSRF token validation. This allows attackers to perform unauthorized GraphQL operations, such as modifying...
CVE-2024-32354
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi...
CVE-2024-32354
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi...
CVE-2024-32354
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi...
CVE-2023-32354
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. An app may be able to disclose kernel memory...
CVE-2023-32354
CVE-2023-32354 is an Apple vulnerability described as an out-of-bounds read that could allow an app to disclose kernel memory. The public descriptions tie this issue to Apple OS updates: watchOS 9.5, tvOS 16.5, iOS 16.5, and iPadOS 16.5. The fixed condition is “improved input validation” (per mul...
CVE-2023-32354
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. An app may be able to disclose kernel memory...
CVE-2022-32354
creationtimestamp| type| source ---|---|--- 2022-06-15 00:19:27+00:00| seen| https://t.me/cibsecurity/44467...
CVE-2022-32354
Product Show Room Site v1.0 is vulnerable to SQL injection in the admin page parameter /psrs/admin/?page=user/manage_user&id= (CVE-2022-32354). Connected sources consistently describe SQL injection without detailing root cause, affected versions beyond v1.0, or exploitation status. No remediation...
CVE-2024-32354
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi...