CVE-2026-33315 Vikunja has a 2FA Bypass via Caldav Basic Auth

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.0, the Caldav endpoint allows login using Basic Authentication, which in turn allows users to bypass the TOTP on 2FA-enabled accounts. The user can then access standard project information that would normally be...

CVE-2026-33315

creationtimestamp| type| source ---|---|--- 2026-03-20 13:49:29+00:00| published-proof-of-concept| https://github.com/go-vikunja/vikunja/security/advisories/GHSA-47cr-f226-r4pq...

CVE-2022-33315

Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions...

EUVD-2025-33315

Malicious code in @testcarrot/supply4 npm...

CVE-2023-33315

creationtimestamp| type| source ---|---|--- 2023-05-28 22:30:29+00:00| seen| https://t.me/cibsecurity/64750...

CVE-2023-33315

Cross-Site Request Forgery CSRF vulnerability in Stephen Darlington, Wandle Software Limited Smart App Banner plugin = 1.1.2 versions...

CVE-2023-33315

The CVE-2023-33315 entry describes a CSRF vulnerability in the WordPress Smart App Banner plugin (versions

CVE-2023-33315 WordPress Smart App Banner Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Stephen Darlington, Wandle Software Limited Smart App Banner plugin = 1.1.2 versions...

CVE-2022-33315

creationtimestamp| type| source ---|---|--- 2022-07-20 20:12:11+00:00| seen| https://t.me/cibsecurity/46688 2023-04-03 18:53:51+00:00| seen| https://t.me/icscert/735...

CVE-2022-33315

Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions...

CVE-2022-33315

Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions...

CVE-2022-33315

The CVE-2022-33315 issue is a deserialization vulnerability in Mitsubishi Electric GENESIS64 (including ICONICS GENESIS64, ICONICS Suite, and MC Works64) affecting 10.97–10.97.1 for GENESIS64/ICONICS Suite and 4.04E (10.95.210.01) and earlier for MC Works64. The root cause is deserialization of u...

CVE-2021-33315

creationtimestamp| type| source ---|---|--- 2022-05-11 22:34:33+00:00| seen| https://t.me/cibsecurity/42412...

CVE-2021-33315

CVE-2021-33315 affects TRENDnet TI-PG1284i switches (hw v2.0R) prior to version 2.0.2.S0. The root cause is a lack of validation on the length field of the PortID TLV in the LLDP component, which can trigger an integer underflow and cause a negative value to be passed to memcpy(), potentially lea...