66 matches found

NVD
added 2026/05/29 6:17 p.m., 12 views

CVE-2026-45626

Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitis...

CVSS 6.3 | EPSS 0.00116
Exploits: 0 | References: 1

SUSE CVE
added 2026/05/27 3:51 a.m., 2 views

SUSE CVE-2024-8185

Vault Community and Vault Enterprise ("Vault") clusters using Vault's Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint. An attacker may send a large volume of requests to the endpoint which may cause Vaul...

CVSS 7.5 | AI score 7.1 | EPSS 0.00814
Exploits: 0 | References: 6

RedhatCVE
added 2026/03/07 7:59 a.m., 4 views

CVE-2026-29048

HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component of version 1.18.0. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the...

CVSS 6.9 | AI score 5.6 | EPSS 0.0004
Exploits: 0 | References: 1

EUVD
added 2026/03/06 6:59 a.m., 4 views

EUVD-2026-10014

HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component of version 1.18.0. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the...

CVSS 6.9 | AI score 5.6 | EPSS 0.0004
Exploits: 0 | References: 4

CVE
added 2026/03/06 6:59 a.m., 5 views

CVE-2026-29048

HumHub (Open Source Enterprise Social Network) vulnerability CVE-2026-29048 affects HumHub 1.18.0 in the Button component, where inconsistent output encoding allows cross-site scripting. The CVSS 4.0 vector yields a base score of 6.9 (Medium) with network attack vector, low attack complexity, and...

CVSS 6.9 | AI score 5.7 | EPSS 0.0004
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2026/03/06 6:59 a.m., 24 views

CVE-2026-29048 HumHub: XSS in Button component

HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component of version 1.18.0. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the...

CVSS 6.9 | EPSS 0.0004
Exploits: 0 | References: 4

OSV
added 2026/03/06 6:59 a.m., 9 views

CVE-2026-29048 HumHub: XSS in Button component

HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component of version 1.18.0. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the...

CVSS 6.9 | AI score 5.5 | EPSS 0.0004
Exploits: 0 | References: 6

ATTACKERKB
added 2026/03/06 6:59 a.m., 2 views

CVE-2026-29048

HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component of version 1.18.0. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the...

CVSS 6.9 | AI score 5.6 | EPSS 0.0004
Exploits: 0 | References: 5

Positive Technologies
added 2026/03/06 12:0 a.m., 5 views

PT-2026-23656

Name of the Vulnerable Software and Affected Versions: HumHub version 1.18.0. Description: HumHub is an Open Source Enterprise Social Network. A cross-site scripting issue exists in the Button component due to inconsistent output encoding. This allows for the injection and execution of malicious...

CVSS 6.9 | AI score 5.8 | EPSS 0.0004
Exploits: 0 | References: 9

RedHat Linux
added 2026/01/26 9:50 a.m., 2 views

Important: Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.18.1

cert-manager Operator for Red Hat OpenShift 1.18.1 The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide certificates-as-a-service to...

CVSS 8.9 | AI score 6.7 | EPSS 0.00019
Exploits: 2 | References: 5

RedHat Linux
added 2026/01/22 6:0 p.m., 3 views

Important: Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.18.1

cert-manager Operator for Red Hat OpenShift 1.18.1 The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide certificates-as-a-service to...

CVSS 8.9 | AI score 6.7 | EPSS 0.00019
Exploits: 2 | References: 5

RedHat Linux
added 2026/01/22 11:34 a.m., 4 views

Important: Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.18.1

cert-manager Operator for Red Hat OpenShift 1.18.1 The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide certificates-as-a-service to...

CVSS 8.9 | AI score 6.7 | EPSS 0.00019
Exploits: 2 | References: 7

RedHat Linux
added 2026/01/22 10:0 a.m., 4 views

Important: Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.18.1

cert-manager Operator for Red Hat OpenShift 1.18.1 The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide certificates-as-a-service to...

CVSS 8.9 | AI score 6.7 | EPSS 0.00019
Exploits: 2 | References: 5

RedhatCVE
added 2026/01/09 11:19 a.m., 3 views

CVE-2021-22944

A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later...

CVSS 8 | AI score 7 | EPSS 0.0015
Exploits: 0 | References: 1

CVE
added 2025/12/13 3:20 a.m., 9 views

CVE-2025-14056

CVE-2025-14056 concerns the WordPress plugin Custom Post Type UI. It is a Stored Cross-Site Scripting (XSS) via the 'label' parameter during import, affecting all versions up to 1.18.1. An authenticated attacker with Administrator-level access can inject scripts that execute on the Tools → Get Co...

CVSS 4.4 | AI score 4.8 | EPSS 0.00026
Exploits: 0 | References: 4

CNNVD
added 2025/12/13 12:0 a.m., 2 views

WordPress plugin Custom Post Type UI cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site scripting...

CVSS 4.4 | AI score 5.7 | EPSS 0.00026
Exploits: 0 | References: 5

Patchstack
added 2025/12/12 10:5 p.m., 3 views

WordPress Custom Post Type UI plugin <= 1.18.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'label' Import Parameter vulnerability

Authenticated (Administrator+) Stored Cross-Site Scripting via 'label' Import Parameter vulnerability discovered by type5afe in WordPress Plugin Custom Post Type UI versions <= 1.18.1...

CVSS 4.4 | AI score 5.5 | EPSS 0.00026
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack
added 2025/12/04 12:5 a.m., 4 views

WordPress Custom Post Type UI plugin <= 1.18.0 - Missing Authorization to Unauthenticated (Previously Administrator+) Custom Post Type Modification vulnerability

Missing Authorization to Unauthenticated (Previously Administrator+) Custom Post Type Modification vulnerability discovered by mahdi salhi CaptinSharky01 - CaptinSharku in WordPress Plugin Custom Post Type UI versions <= 1.18.0...

CVSS 4.8 | AI score 6.7 | EPSS 0.00041
Exploits: 0 | References: 1 | Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-18802

Malware in sbrugna...

CVSS 4.3 | AI score 5 | EPSS 0.00203
Exploits: 1 | References: 3

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-23157

Malicious code in bioql PyPI...

CVSS 6.9 | AI score 7.4 | EPSS 0.00581
Exploits: 0 | References: 6