CVE-2024-41255

filestash v0.4 is configured to skip TLS certificate verification when using the FTPS protocol, possibly allowing attackers to execute a man-in-the-middle attack via the Init function of index.go...

CVE-2022-41255

creationtimestamp| type| source ---|---|--- 2025-10-07 08:42:42+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m2lqa6atw6u2...

CVE-2024-41255

creationtimestamp| type| source ---|---|--- 2024-08-01 00:21:54+00:00| seen| https://t.me/cvedetector/2176...

CVE-2023-41255

The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to gain a root shell on the device itself abusing the lack of authentication of the ‘su’ binary file installed on the device that can be accessed through the ADB Android Debug Bridge protocol exposed on...

CVE-2023-41255

CVE-2023-41255 affects the TPC-110W device (Bosch context appears in sources). The issue allows an unprivileged user with subnet access to obtain a root shell by abusing the lack of authentication of the su binary exposed via ADB (Android Debug Bridge). The connected documents provide this core t...

CVE-2022-41255

CVE-2022-41255 affects Jenkins with the CONS3RT Plugin 1.0.0 and earlier. The vulnerability is that the Cons3rt API token is stored unencrypted in job config.xml files on the Jenkins controller, where it can be viewed by users who have access to the controller filesystem. The available sources co...