89 matches found

Cvelist
added 2026/05/21 2:08 p.m. | 32 views

CVE-2026-1816 OTP Bypass in TEİAŞ's Mobile Application

Improper restriction of excessive authentication attempts vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Brute Force. This issue affects Mobile Application: from 1.6.2 before 1.13...

CVSS: 6.3 | EPSS: 0.00038
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2015-4670

Malware in sbrugna...

CVSS: 5 | AI score: 5.5 | EPSS: 0.00555
Exploits: 0 | References: 13

SUSE CVE
added 2023/02/15 6:20 a.m. | 3 views

SUSE CVE-2004-0418

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data...

CVSS: 10 | AI score: 8.1 | EPSS: 0.14279
Exploits: 0 | References: 4

SUSE CVE
added 2023/02/15 5:18 a.m. | 1 view

SUSE CVE-2015-3809

The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not properly track the current offset, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet...

CVSS: 7.8 | AI score: 5.6 | EPSS: 0.00544
Exploits: 0 | References: 3

Cvelist
added 2022/12/27 10:51 p.m. | 14 views

CVE-2020-36635 OpenMRS Appointment Scheduling Module AppointmentTypeValidator.java validateFieldName cross site scripting

A vulnerability was found in OpenMRS Appointment Scheduling Module up to 1.12.x. It has been classified as problematic. This affects the function validateFieldName of the file api/src/main/java/org/openmrs/module/appointmentscheduling/validator/AppointmentTypeValidator.java. The manipulation lead...

CVSS: 3.5 | AI score: 5.2 | EPSS: 0.00285
Exploits: 0 | References: 5

CNNVD
added 2022/12/27 12:00 a.m. | 0 views

OpenMRS Cross-Site Scripting Vulnerability

OpenMRS is an open source electronic medical record system from OpenMRS, Inc. in the United States. A cross-site scripting vulnerability exists in versions prior to OpenMRS Appointment Scheduling Module 1.12.x. The vulnerability can be exploited to perform cross-site scripting attacks. An attacke...

CVSS: 5.4 | AI score: 5 | EPSS: 0.00285
Exploits: 0 | References: 6

OSV
added 2021/09/27 8:17 p.m. | 16 views

GHSA-G95P-88P4-76CM Cross-site Scripting in Gitea

Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue data in some situations...

CVSS: 5.4 | AI score: 5.3 | EPSS: 0.11835
Exploits: 2 | References: 6

OSV
added 2021/03/15 6:15 a.m. | 18 views

CVE-2021-28378

Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue data in some situations...

CVSS: 5.4 | AI score: 5.7 | EPSS: 0.11835
Exploits: 2 | References: 3

NVD
added 2021/03/15 6:15 a.m. | 13 views

CVE-2021-28378

Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue data in some situations...

CVSS: 5.4 | EPSS: 0.11835
Exploits: 2 | References: 3

Prion
added 2021/03/15 6:15 a.m. | 14 views

Cross site scripting

Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue data in some situations...

CVSS: 3.5 | AI score: 5.1 | EPSS: 0.11835
Exploits: 2 | References: 3 | Affected Software: 1

Cvelist
added 2021/03/15 5:20 a.m. | 20 views

CVE-2021-28378

Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue data in some situations...

CVSS: 3.7 | AI score: 5.6 | EPSS: 0.11835
Exploits: 2 | References: 3

CNNVD
added 2020/11/23 12:00 a.m. | 3 views

Gitea Security Vulnerabilities

Gitea is a lightweight Go-based git service developed by the Gitea community. A security vulnerability exists in Gitea versions 0.9.99 through 1.12.x prior to 1.12.6, which stems from the software not preventing a git protocol path that specifies a TCP port number and also contains line breaks wit...

CVSS: 9.8 | AI score: 7.3 | EPSS: 0.00418
Exploits: 0 | References: 3

Tenable Nessus
added 2019/09/11 12:00 a.m. | 38 views

Kubernetes 1.11.x < 1.11.9 / 1.12.x < 1.12.7 / 1.13.x < 1.13.5 kubectl directory traversal

The version of Kubernetes installed on the remote host is version 1.11.x prior to 1.11.9, 1.12.x prior to 1.12.7 or 1.13.x prior to 1.13.5. It is, therefore, affected by a directory traversal vulnerability in the kubectl cp command due to mishandling of symlinks when copying files from a running...

CVSS: 6.4 | AI score: 6.8 | EPSS: 0.49935
Exploits: 2 | References: 2

CNVD
added 2019/08/12 12:00 a.m. | 1 view

Backdrop CMS Cross-Site Scripting Vulnerability

Backdrop CMS is an open source content management system (CMS). A cross-site scripting vulnerability exists in Backdrop CMS versions 1.12.x before 1.12.8 and 1.13.x before 1.13.3. The vulnerability stems from a lack of proper validation of client-side data in the web application. An attacker can...

CVSS: 6.1 | AI score: 6.4 | EPSS: 0.00201
Exploits: 0 | References: 1

OSV
added 2017/08/24 2:29 p.m. | 31 views

CVE-2017-12836

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."...

CVSS: 7.5 | AI score: 7.7
Exploits: 0 | References: 8

ATTACKERKB
added 2017/08/24 2:29 p.m. | 0 views

CVE-2017-12836

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."...

CVSS: 7.5 | AI score: 6.1 | EPSS: 0.02504
Exploits: 1 | References: 9

NVD
added 2017/08/24 2:29 p.m. | 21 views

CVE-2017-12836

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."...

CVSS: 7.5 | AI score: 8.3 | EPSS: 0.02504
Exploits: 1 | References: 8

OSV
added 2017/08/24 2:29 p.m. | 1 view

ALPINE-CVE-2017-12836

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."...

CVSS: 7.5 | AI score: 7.9 | EPSS: 0.02504
Exploits: 1 | References: 1

Cvelist
added 2017/08/24 2:00 p.m. | 26 views

CVE-2017-12836

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."...

AI score: 7.9 | EPSS: 0.02504
Exploits: 1 | References: 8

RedhatCVE
added 2017/08/11 10:48 p.m. | 34 views

CVE-2017-12836

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."...

CVSS: 7.5 | AI score: 6.9 | EPSS: 0.02504
Exploits: 1 | References: 1