15 matches found
CVE-2024-32949
Technical details for CVE-2024-32949 are not provided in the supplied documents. No product/version/root-cause/impact/fix specifics are available here. Monitor for official updates from CVE records or vendor advisories.
CVE-2026-32949
creationtimestamp| type| source ---|---|--- 2026-03-20 05:50:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhht4heo6x2o...
EUVD-2025-32949
Malicious code in redirect-p8ris1 npm...
CVE-2022-32949
This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16. An app may be able to execute arbitrary code with kernel privileges...
CVE-2025-32949
This vulnerability allows any authenticated user to cause the server to consume very large amounts of disk space when extracting a Zip Bomb. If user import is enabled which is the default setting, any registered user can upload an archive for importing. The code uses the yauzl library for reading...
CVE-2025-32949 PeerTube User Import Authenticated Resource Exhaustion
This vulnerability allows any authenticated user to cause the server to consume very large amounts of disk space when extracting a Zip Bomb. If user import is enabled which is the default setting, any registered user can upload an archive for importing. The code uses the yauzl library for reading...
CVE-2025-32949
PeerTube is affected by an authenticated resource-exhaustion vulnerability in the User Import feature when handling archives. The issue occurs because the archive-reading library yauzl has no mechanism to detect or prevent Zip Bombs, allowing a Zip Bomb to cause extremely large disk-space consump...
CVE-2025-32949 PeerTube User Import Authenticated Resource Exhaustion
This vulnerability allows any authenticated user to cause the server to consume very large amounts of disk space when extracting a Zip Bomb. If user import is enabled which is the default setting, any registered user can upload an archive for importing. The code uses the yauzl library for reading...
WordPress Integrate Google Drive Plugin <= 1.3.8 is vulnerable to Broken Access Control
Software Integrate Google Drive Type Plugin Vulnerable versions = 1.3.8 Fixed in 1.3.91 OWASP Top 10 A4: Insecure Design Classification Broken Access Control CVE CVE-2024-32949 Patch priority Medium CVSS severity Medium 8.3 Developer Claim ownership PSID ccf771b656bb Credits Steven Julian Require...
CVE-2022-32949
This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16. An app may be able to execute arbitrary code with kernel privileges...
CVE-2022-32949
This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16. An app may be able to execute arbitrary code with kernel privileges...
CVE-2022-32949
CVE-2022-32949 : Apple lists this as an issue affecting iOS/iPadOS with the impact that an app may be able to execute arbitrary code with kernel privileges. The Apple security content for iOS 15.7.1 / iPadOS 15.7.1 (and tvOS 16) states the issue is fixed by updated checks and memory handling. The...
CVE-2021-32949
creationtimestamp| type| source ---|---|--- 2022-04-02 02:26:22+00:00| seen| https://t.me/cibsecurity/40058...
CVE-2021-32949 MDT AutoSave Relative Path Traversal
An attacker could utilize a function in MDT AutoSave versions prior to v6.02.06 that permits changing a designated path to another path and traversing the directory, allowing the replacement of an existing file with a malicious file...
CVE-2021-32949
CVE-2021-32949 describes a relative path traversal in MDT AutoSave prior to version 6.02.06, where a function could change a designated path to another path and traverse directories, allowing replacement of an existing file with a malicious file. Affected products/versions include MDT AutoSave be...