Aruba Airwave <8.2.3.1 - Cross-Site Scripting

Aruba Airwave before version 8.2.3.1 is vulnerable to reflected cross-site scripting. id: CVE-2016-8527 info: name: Aruba Airwave 8.2.3.1 - Cross-Site Scripting author: pikpikcu severity: medium description: Aruba Airwave before version 8.2.3.1 is vulnerable to reflected cross-site scripting...

Automated Logic WebCTRL Premium Server URL Redirection to Untrusted Site (CVE-2024-8527)

CWE-601 URL Redirection to Untrusted Site 'Open Redirect' vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. The application accepts a user-supplied URL and redirects without proper validation, allowing attackers to exploit user sessions through ...

MINI-W3CW-8527-2RGH

Bulletin has no description...

CVE-2026-8527 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-8527 vulnerabilities

Vulnerabilities for packages: chromium...

Chromium: CVE-2026-8527 Insufficient validation of untrusted input in Downloads

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-8527

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2026-8527

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

CVE-2026-8527

CVE-2026-8527 : In Google Chrome, insufficient validation of untrusted input in Downloads allows a remote attacker to execute arbitrary code via a crafted HTML page. Affected: Chrome (Chromium-based) prior to 148.0.7778.168. Root cause: input validation in the Downloads path. Impact: high severit...

ECHO-C3A8-8527-D760

Bulletin has no description...

CVE-2025-8527

A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue affects some unknown processing of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/SecurityController.java of the component Swagger. The manipulation of the argument...

CVE-2025-8527

CVE-2025-8527 affects Exrick xboot up to version 3.3.4, involving the Swagger component. The root cause is server-side request forgery triggered by manipulation of the loginUrl parameter in SecurityController.java (xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/). This Vu...

CVE-2025-8527 Exrick xboot Swagger SecurityController.java server-side request forgery

A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue affects some unknown processing of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/SecurityController.java of the component Swagger. The manipulation of the argument...

CVE-2025-8527 Exrick xboot Swagger SecurityController.java server-side request forgery

A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue affects some unknown processing of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/SecurityController.java of the component Swagger. The manipulation of the argument...

CVE-2014-8527

McAfee Network Data Loss Prevention NDLP before 9.3 allows local users to obtain sensitive information and affect integrity via vectors related to a "plain text password."...

CGA-8527-GX23-82M6

Bulletin has no description...

CVE-2019-8527

CVE-2019-8527 involves a buffer overflow that Apple addressed by improving size validation. Affected platforms include iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, and watchOS 5.2. Root cause: insufficient size validation leading to memory corruption. Impact per description: a remote attacker could...

Apple iOS < 12.2 Multiple Vulnerabilities (APPLE-SA-2019-3-25-1)

Binary data 700558.prm...

Apple iOS < 12.2 Multiple Vulnerabilities

Binary data appleios122check.nbin...

Microsoft SQL Server Management Studio XXE Injection Information Disclosure (CVE-2018-8527; CVE-2018-8532; CVE-2018-8533)

Multiple information disclosure vulnerabilities exist in Microsoft SQL Server Management Studio. The vulnerabilities are due to a flaw when parsing a malicious XEL/XML/XMLA file containing a reference to an external entity. A remote authenticated attacker could exploit these vulnerabilities by...