Lucene search
K

19 matches found

CVE
CVE
added 2026/06/10 3:15 a.m.27 views

CVE-2026-26237

CVE-2026-26237 affects QuMagie. Description: a missing authorization vulnerability could allow remote attackers to access unauthorized data or perform unauthorized actions. The issue is fixed in QuMagie 2.9.0 and later. CVSSv4 metrics indicate high severity (base score 8.7) with network attack ve...

8.7CVSS5.5AI score0.00322EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/08 6:42 a.m.4 views

Security Bulletin: Highlight.js Prototype Pollution Vulnerability in Code Block Parsing, affects watsonx.data

Summary Highlight.js versions prior to 9.18.2 and 10.1.2 are vulnerable to prototype pollution via malicious HTML in user-supplied code blocks. This can cause unexpected application behavior or crashes, representing a potential DoS vector. This can affect watsonx.data. Vulnerability Details...

8.7CVSS5.9AI score0.01296EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 10:42 a.m.8 views

CVE-2022-26237

The default privileges for the running service Normand Viewer Service in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...

5.5CVSS6.8AI score0.00191EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:26 p.m.7 views

CVE-2021-26237

FastStone Image Viewer = 7.5 is affected by a user mode write access violation at 0x00402d7d, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service DoS or possibly to achieve code execution...

7.8CVSS7.4AI score0.02731EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2024/11/19 2:43 a.m.15 views

K000148605: Highlight.js vulnerability CVE-2020-26237

Security Advisory Description Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during...

8.7CVSS7.5AI score0.01296EPSS
Exploits0
NVD
NVD
added 2024/04/09 5:15 p.m.21 views

CVE-2024-26237

Windows Defender Credential Guard Elevation of Privilege Vulnerability...

7.8CVSS8.1AI score0.00675EPSS
Exploits0References1
CVE
CVE
added 2024/04/09 5:0 p.m.157 views

CVE-2024-26237

Technical details for CVE-2024-26237 are not publicly available in the provided connected documents. No concrete exploit, impact, or remediation specifics are present beyond the vulnerability title. Monitor for updates from Microsoft and security advisories.

7.8CVSS8.1AI score0.00675EPSS
Exploits0References1Affected Software9
Circl
Circl
added 2023/10/05 7:17 a.m.7 views

CVE-2023-26237

creationtimestamp| type| source ---|---|--- 2023-10-05 07:17:24+00:00| seen| https://t.me/cibsecurity/71658...

6.7CVSS6.4AI score0.0017EPSS
Exploits0References1
OSV
OSV
added 2023/10/05 1:15 a.m.2 views

CVE-2023-26237

An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM...

6.7CVSS5.8AI score0.0017EPSS
Exploits0References1
CVE
CVE
added 2023/10/05 12:0 a.m.37 views

CVE-2023-26237

CVE-2023-26237 affects WatchGuard EPDR 8.0.21.0002, where an attacker can bypass defensive capabilities by adding a registry key as SYSTEM. The issue is described as a local-impact bypass of protections, with CVSSv3.1 metrics indicating Local access, Low attack complexity, Privileges Required: Hi...

6.7CVSS6.4AI score0.0017EPSS
Exploits0References1Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.101 views

K62444703: Multiple MySQL vulnerabilities CVE-2022-21455 and CVE-2022-21509

Security Advisory Description CVE-2022-21455 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

5.5CVSS5.5AI score0.01271EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:53 a.m.3 views

SUSE CVE-2020-26237

Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow use...

8.7CVSS7.2AI score0.01296EPSS
Exploits0References3
NVD
NVD
added 2022/10/06 6:15 p.m.41 views

CVE-2022-26237

The default privileges for the running service Normand Viewer Service in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...

5.5CVSS0.00191EPSS
Exploits0References2
CVE
CVE
added 2022/10/06 12:0 a.m.46 views

CVE-2022-26237

CVE-2022-26237 affects Beckman Coulter Remisol Advance (v2.0.12.1 and prior) via the Normand Viewer Service. The default privileges for this service allow non-privileged users to overwrite and manipulate executables and libraries, enabling access to sensitive data. No patch/version remediation is...

5.5CVSS5.4AI score0.00191EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2021/03/18 5:32 p.m.4 views

CVE-2021-26237

creationtimestamp| type| source ---|---|--- 2021-03-18 17:32:29+00:00| seen| https://t.me/cibsecurity/25109...

7.8CVSS7.5AI score0.02731EPSS
Exploits0References1
CVE
CVE
added 2021/03/18 1:59 p.m.42 views

CVE-2021-26237

FastStone Image Viewer

7.8CVSS8AI score0.02731EPSS
Exploits0References1Affected Software1
Debian
Debian
added 2020/12/30 10:37 p.m.52 views

[SECURITY] [DLA 2511-1] highlight.js security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2511-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz December 30, 2020 https://wiki.debian.org/LTS -...

8.7CVSS7AI score0.01296EPSS
Exploits0
CVE
CVE
added 2020/11/24 11:0 p.m.190 views

CVE-2020-26237

Highlight.js vulnerability CVE-2020-26237: Prototype Pollution in versions before 9.18.2 and 10.1.2 (and older); a malicious HTML block could pollute Object.prototype during highlighting. Upstream fixes exist in 9.18.2+, 10.1.2+, and newer. Debian/OSS advisories also reference updates; remediatio...

8.7CVSS6.8AI score0.01296EPSS
Exploits0References6Affected Software1
Openbugbounty
Openbugbounty
added 2017/05/03 10:44 p.m.8 views

musicme.com XSS vulnerability

Vulnerable URL: https://www.musicme.com/Tjindjara/videos%3C!%27/%22//%27//%22/--%3E%3C/Script%3E%3CImage%20Srcset=K%20/;%20Onerror=confirm%60OPENBUGBOUNTY%60%20//%3E/Wessel-S-&-Lf-Project-Ft.-Tjindjara---Alive-Preview-4B677A455F2D6856376A34.html/ Details: Description| Value ---|--- Patched:| Yes,...

6.3AI score
Exploits0
Rows per page
Query Builder