CVE-2026-22461

creationtimestamp| type| source ---|---|--- 2026-01-22 17:44:05+00:00| seen| https://gist.github.com/Darkcrai86/74e2626fc165635cd0ee959be4d16af3...

CVE-2023-22461

The sanitize-svg package, a small SVG sanitizer to prevent cross-site scripting attacks, uses a deny-list-pattern to sanitize SVGs to prevent XSS. In doing so, literal...

CVE-2025-22461

SQL injection in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote authenticated attacker with admin privileges to achieve code execution...

CVE-2025-22461

SQL injection in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote authenticated attacker with admin privileges to achieve code execution...

CVE-2025-22461

CVE-2025-22461 is a SQL injection vulnerability in Ivanti Endpoint Manager affecting versions prior to 2024 SU1 and prior to 2022 SU7. The vulnerability could allow a remote authenticated attacker with admin privileges to achieve code execution. Public sources (Ivanti advisory and vendor/NVD list...

Security Bulletin: Security vulnerability has been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component

Summary IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the following vulnerability. Vulnerability Details CVEID:CVE-2022-22461 DESCRIPTION: IBM Security Verify Governance uses weaker than expected cryptographic algorithms that could allow an attacker to...

CVE-2024-22461

Dell RecoverPoint for Virtual Machines 6.0.x contains an OS command injection vulnerability due to improper input validation. A low-privilege remote attacker could execute arbitrary commands as root, potentially compromising the entire system. Mitigation: apply Dell security update referenced as ...

CVE-2023-22461

creationtimestamp| type| source ---|---|--- 2023-01-04 18:18:12+00:00| seen| https://t.me/cibsecurity/55893...

CVE-2023-22461 sanitize-svg Filter Bypass Allows Cross-Site Scripting (XSS)

The sanitize-svg package, a small SVG sanitizer to prevent cross-site scripting attacks, uses a deny-list-pattern to sanitize SVGs to prevent XSS. In doing so, literal -tags and on-event handlers were detected in versions prior to 0.4.0. As a result, downstream software that relies on sanitize-sv...

CVE-2023-22461

CVE-2023-22461 concerns the sanitizer package sanitize-svg . The issue arises from a deny-list approach that fails to block certain vectors, allowing embedded JavaScript via literal [removed] tags or on-* attributes in SVGs. The vulnerability affects versions prior to 0.4.0; a patch was released ...

CVE-2022-22461 IBM Security Verify Governance, Identity Manager information disclosure

IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225007...

CVE-2022-22461

CVE-2022-22461 affects IBM Security Verify Governance, Identity Manager virtual appliance component version 10.0.1 . The vulnerability arises from use of weaker-than-expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information (impact on confidentiality...

CVE-2021-22461

CVE-2021-22461 concerns a HarmonyOS component with an allocation of resources without limits or throttling. The connected documents describe the issue as a local, non-privileged exploit that can cause nearby processes to crash. They do not provide technical specifics such as affected versions, vu...

papo-de-namorada.22461.n7.nabble.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1181951 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...