206 matches found
CVE-2026-35014 Open ISES Tickets < 3.44.2 Reflected XSS via routes_nm.php ticket_id Parameter
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in routesnm.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into a hidden input field VALUE attribute. Attacke...
CVE-2026-35014 Open ISES Tickets < 3.44.2 Reflected XSS via routes_nm.php ticket_id Parameter
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in routesnm.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into a hidden input field VALUE attribute. Attacke...
tickets 跨站脚本漏洞
Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of Tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting vulnerability in routesnm.php, which coul...
Astra Linux – Vulnerability in binutils
A memory consumption issue in the getdata function in binutils/nm.c in GNU nm before version 2.34 allows attackers to cause a denial of service through crafted commands...
EUVD-2025-209264
Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application...
EUVD-2025-209263
Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application...
CVE-2025-24817
Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application...
CVE-2025-24819 A Relative Path Traversal vulnerability in Nokia MantaRay NM
Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application...
CVE-2025-24818
CVE-2025-24818 affects Nokia MantaRay NM, with an OS command injection in the Log Search application caused by improper neutralization of special elements used in an OS command. The CVSS v3.1 metrics indicate a base score of 8.0 (High) with adjacent attack vector, low attack complexity, low privi...
CVE-2025-24818
Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application...
CVE-2025-24817
Nokia MantaRay NM (Symptom Collector) is reported to be vulnerable to an OS command injection caused by improper neutralization of special elements in an OS command. CVSS v3.1 base score 8.0 (HIGH) with adjacent attack vector, low attack complexity, and low privileges required, no user interactio...
PT-2026-30842
Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application...
Projectworlds Online Art Gallery Shop SQL注入漏洞
Projectworlds Online Art Gallery Shop is an online art gallery store open source by Projectworlds. Version 1.0 of Projectworlds Online Art Gallery Shop has a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameters in the file/admin/adminHome.php, specifically...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002634)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002634 advisory. The getrockridgefilename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM aka alternate name entries containing \0 characters, which allows...
CVE-2021-47743 COMMAX Biometric Access Control System 1.0.0 Reflected XSS via Cookie Parameters
COMMAX Biometric Access Control System 1.0.0 contains an unauthenticated reflected cross-site scripting vulnerability in cookie parameters 'CMXADMINNM' and 'CMXCOMPLEXNM'. Attackers can inject malicious HTML and JavaScript code into these cookie values to execute arbitrary scripts in a victim's...
PT-2025-54424
COMMAX Biometric Access Control System 1.0.0 contains an unauthenticated reflected cross-site scripting vulnerability in cookie parameters 'CMX ADMIN NM' and 'CMX COMPLEX NM'. Attackers can inject malicious HTML and JavaScript code into these cookie values to execute arbitrary scripts in a victim...
CVE-2022-50645
The CVE-2022-50645 issue involves a refcount leak in the Linux kernel’s EDAC/i10nm path. Specifically, pci_get_dev_wrapper() could mishandle a PCI device by not accounting for the fact that pci_get_domain_bus_and_slot() returns a device with an incremented refcount, leading to a potential leak if...
SUSE SLED15 / SLES15 : Recommended update for suse-migration-sle16-activation, SLES16-Migration, SLES16-SAP_Migration, suse-migration-services, suse-migration-rpm, wicked2nm, image-janitor (SUSE-SU-SUSE-RU-2025:4131-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2025:4131-1 advisory. Changes for suse-migration-sle16-activation: - Simplify interface naming by disabling predictable names at boot...
EUVD-2020-11622
Malware in sbrugna...
EUVD-2018-4597
Malware in sbrugna...