CVE-2026-41971

Permission control vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2021-41971

Apache Superset up to and including 1.3.0 when configured with ENABLETEMPLATEPROCESSING on disabled by default allowed SQL injection when a malicious authenticated user sends an http request with a custom URL...

EUVD-2025-41971

Malicious code in sari-keraktelor68-breki npm...

CVE-2022-41971

Nextcould Talk android is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.8, 13.0.10, 14.0.6, and 15.0.0, guests can continue to receive video streams from a call after being removed from a conversation. An attacker would be able to see videos on a call in a public...

CVE-2024-41971

creationtimestamp| type| source ---|---|--- 2024-11-18 09:16:43+00:00| seen| https://infosec.exchange/users/cve/statuses/113503201048223194 2024-11-18 12:22:10+00:00| seen| https://t.me/cvedetector/11320 2025-09-25 00:36:29+00:00| seen| MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51...

CVE-2024-41971

CVE-2024-41971 affects multiple WAGO devices (e.g., CC100 0751-9x01, Edge Controller 0752-8303/8000, PFC100/200, TP600 series, etc.). A path traversal vulnerability allows a low-privileged remote attacker to overwrite arbitrary files on the filesystem, leading to Denial of Service and data loss. ...

CVE-2024-41971 WAGO: Arbitrary File Overwrite in Multiple Devices

A low privileged remote attacker can overwrite an arbitrary file on the filesystem leading to a DoS and data loss...

CVE-2023-41971 Windows ZCC Upgrade DoS And Privilege Escalation Through RPC Control

An Improper Link Resolution Before File Access 'Link Following' vulnerability in Zscaler Client Connector on Windows allows a system file to be overwritten.This issue affects Client Connector on Windows: before 3.7...

CVE-2022-41971 Nextcloud Talk guests can continue to receive video streams from call after being removed from a conversation

Nextcould Talk android is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.8, 13.0.10, 14.0.6, and 15.0.0, guests can continue to receive video streams from a call after being removed from a conversation. An attacker would be able to see videos on a call in a public...

CVE-2022-41971

Nextcloud Talk for Android suffers a vulnerability where guests removed from a conversation can continue to receive video streams in a public call. Affected versions prior to 12.2.8, 13.0.10, 14.0.6, and 15.0.0 are vulnerable; patches are provided in those respective versions. The issue enables a...

CVE-2021-41971

creationtimestamp| type| source ---|---|--- 2021-10-18 18:32:20+00:00| seen| https://t.me/cibsecurity/30715...

CVE-2021-41971

Apache Superset up to and including 1.3.0 when configured with ENABLETEMPLATEPROCESSING on disabled by default allowed SQL injection when a malicious authenticated user sends an http request with a custom URL...

CVE-2021-41971

Apache Superset up to and including 1.3.0 when configured with ENABLETEMPLATEPROCESSING on disabled by default allowed SQL injection when a malicious authenticated user sends an http request with a custom URL...

CVE-2021-41971

Apache Superset versions up to 1.3.0 are affected by an SQL injection vulnerability when ENABLE_TEMPLATE_PROCESSING is enabled. The issue arises in template processing logic that processes a malicious HTTP request with a crafted URL, leading to potential SQL injection. Several sources (NVD, OSV, ...

CVE-2021-41971 Possible SQL Injection when template processing is enabled

Apache Superset up to and including 1.3.0 when configured with ENABLETEMPLATEPROCESSING on disabled by default allowed SQL injection when a malicious authenticated user sends an http request with a custom URL...