17 matches found
CVE-2026-32890
creationtimestamp| type| source ---|---|--- 2026-03-22 00:00:47+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhmai54gfb26 2026-03-27 16:00:15+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mi2igfozte2u...
CVE-2022-32890
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions...
CVE-2022-32890
creationtimestamp| type| source ---|---|--- 2025-05-06 04:20:21+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15048...
CVE-2025-32890
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...
CVE-2025-32890
creationtimestamp| type| source ---|---|--- 2025-05-01 18:15:49+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14353...
CVE-2025-32890
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...
CVE-2025-32890
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...
CVE-2024-32890
The CVE-2024-32890 entry describes a stored cross-site scripting (XSS) in LibreSpeed speedtest. Affected are LibreSpeed speedtest instances running version 5.2.5 or higher with telemetry enabled. The vulnerability arises from missing neutralization in the ispinfo.processedString field of the tele...
CVE-2024-32890 Stored Cross-site Scripting in results JSON API in librespeed/speedtest
librespeed/speedtest is an open source, self-hosted speed test for HTML5. In affected versions missing neutralization of the ISP information in a speedtest result leads to stored Cross-site scripting in the JSON API. The processedString field in the ispinfo parameter is missing neutralization. It...
CVE-2024-32890 Stored Cross-site Scripting in results JSON API in librespeed/speedtest
librespeed/speedtest is an open source, self-hosted speed test for HTML5. In affected versions missing neutralization of the ISP information in a speedtest result leads to stored Cross-site scripting in the JSON API. The processedString field in the ispinfo parameter is missing neutralization. It...
CVE-2023-32890
creationtimestamp| type| source ---|---|--- 2024-01-03 01:32:17+00:00| seen| https://t.me/cibsecurity/74140 2024-01-22 14:42:06+00:00| seen| https://t.me/ctinow/171186...
CVE-2023-32890
CVE-2023-32890 affects MediaTek Modem EMM. The issue is a crash caused by improper input validation, enabling remote denial of service with no user interaction. Exploitation is possible over the network (per CVSS) and does not require privileges. A patch identified as MOLY01183647 (MSV-963) is pr...
CVE-2021-32890
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none...
CVE-2022-32890
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions...
CVE-2022-32890
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions...
CVE-2022-32890
CVE-2022-32890 affects macOS (notably macOS Ventura 13). The issue is described as a logic flaw that could allow a sandboxed process to circumvent sandbox restrictions. Apple documents update fixed in Ventura 13. Remediation: update to macOS Ventura 13 or later. Exploitation details are not provi...
CVE-2021-32890
...