40627 matches found
XWiki >= 2.5-milestone-2 - Cross-Site Scripting
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page XSS. It's possible to exploit the resubmit template to perform a XSS, e.g. by using URL such as:...
CVE-2026-14792
A security vulnerability has been detected in Formbricks 5.0.0. This impacts an unknown function of the file apps/web/modules/survey/link/actions.ts of the component Survey Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. Upgrading to...
Online Fire Reporting System v1.0 - SQL injection
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/takeaction.php?id=. id: CVE-2022-31984 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...
CVE-2026-14792
A security vulnerability has been detected in Formbricks 5.0.0. This impacts an unknown function of the file apps/web/modules/survey/link/actions.ts of the component Survey Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. Upgrading to...
Debian dsa-6376 : openvpn - security update
The remote Debian 13 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-6376 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6376-1 [email protected] https://www.debian.org/securit...
CVE-2026-14086
creationtimestamp| type| source ---|---|--- 2026-07-01 23:42:18+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmoyxxmt22y 2026-07-01 23:42:21+00:00| seen| https://bsky.app/profile/qiancx.bsky.social/post/3mpmoz3vl3a2l 2026-07-02 07:51:58+00:00| seen|...
CVE-2026-14102
creationtimestamp| type| source ---|---|--- 2026-07-01 21:48:34+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpminn4tbe2q 2026-07-01 21:48:39+00:00| seen| https://bsky.app/profile/qiancx.bsky.social/post/3mpminqz6hj2g 2026-07-02 08:15:24+00:00| seen|...
CVE-2026-27435
creationtimestamp| type| source ---|---|--- 2026-07-01 10:52:45+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpldyxfiem2r 2026-07-01 11:37:52+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mplgjmmcz222 2026-07-01 13:12:45+00:00| seen|...
CVE-2026-54371 affecting package acl for versions less than 2.4.0-1
CVE-2026-54371 affecting package acl for versions less than 2.4.0-1. An upgraded version of the package is available that resolves this issue...
PT-2026-53973
Name of the Vulnerable Software and Affected Versions IBM watsonx.data intelligence version 5.2.2 IBM watsonx.data intelligence version 5.3.0 IBM watsonx.data intelligence versions 5.3.1 through patch-1 Description The software transmits data in clear text, which could allow an attacker to obtain...
Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-113 (ALASNITRO-ENCLAVES-2026-113)
The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-113 advisory. Memory exhaustion DoS causing OOM kill of containerd process NOTE:...
[SECURITY] Fedora 44 Update: docker-buildkit-0.31.0-1.fc44
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...
CVE-2026-57914
A flaw was found in Apache Kerby. A remote attacker could send a deeply nested Abstract Syntax Notation One ASN.1 structure to an Apache Kerby client or service, triggering a stack overflow exception. This could lead to a denial of service DoS condition, making the service unavailable to legitima...
CVE-2026-57325 WordPress NanoMag theme <= 1.8 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in NanoMag = 1.8 versions...
Debian dsa-6365 : libssh2-1-dev - security update
The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6365 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6365-1 [email protected] https://www.debian.org/securit...
SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2026:2632-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2632-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: -...
CVE-2026-6412
Technical details about CVE-2026-6412 are not publicly available in the provided documents. Monitor for updates from the cited sources (WolfSSL, NVD, Debian tracker, CVE List, OSV, EUVD, etc.).
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : ImageMagick vulnerabilities (USN-8468-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8468-1 advisory. It was discovered that ImageMagick incorrectly handled certain images when using the...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: tomcat10: tomcat10-10.1.56-1.hum1 noarch tomcat10-admin-webapps-10.1.56-1.hum1 noarch tomcat10-common-10.1.56-1.hum1 noarch tomcat10-docs-webapp-10.1.56-1.hum1 noarch...
CVE-2025-13162 Advant Master Online Builder DLL vulnerability
Uncontrolled Search Path Element vulnerability in ABB Control Builder A, ABB 800xA for Advant Master. This issue affects Control Builder A: through 1.4/4; 800xA for Advant Master: through 6.0.3-1, through 6.1.1-1, 6.1.1-3, 6.2.0-1...