19 matches found
CVE-2026-26237
CVE-2026-26237 affects QuMagie. Description: a missing authorization vulnerability could allow remote attackers to access unauthorized data or perform unauthorized actions. The issue is fixed in QuMagie 2.9.0 and later. CVSSv4 metrics indicate high severity (base score 8.7) with network attack ve...
Security Bulletin: Highlight.js Prototype Pollution Vulnerability in Code Block Parsing, affects watsonx.data
Summary Highlight.js versions prior to 9.18.2 and 10.1.2 are vulnerable to prototype pollution via malicious HTML in user-supplied code blocks. This can cause unexpected application behavior or crashes, representing a potential DoS vector. This can affect watsonx.data. Vulnerability Details...
CVE-2022-26237
The default privileges for the running service Normand Viewer Service in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...
CVE-2021-26237
FastStone Image Viewer = 7.5 is affected by a user mode write access violation at 0x00402d7d, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service DoS or possibly to achieve code execution...
K000148605: Highlight.js vulnerability CVE-2020-26237
Security Advisory Description Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during...
CVE-2024-26237
Windows Defender Credential Guard Elevation of Privilege Vulnerability...
CVE-2024-26237
Technical details for CVE-2024-26237 are not publicly available in the provided connected documents. No concrete exploit, impact, or remediation specifics are present beyond the vulnerability title. Monitor for updates from Microsoft and security advisories.
CVE-2023-26237
creationtimestamp| type| source ---|---|--- 2023-10-05 07:17:24+00:00| seen| https://t.me/cibsecurity/71658...
CVE-2023-26237
An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM...
CVE-2023-26237
CVE-2023-26237 affects WatchGuard EPDR 8.0.21.0002, where an attacker can bypass defensive capabilities by adding a registry key as SYSTEM. The issue is described as a local-impact bypass of protections, with CVSSv3.1 metrics indicating Local access, Low attack complexity, Privileges Required: Hi...
K62444703: Multiple MySQL vulnerabilities CVE-2022-21455 and CVE-2022-21509
Security Advisory Description CVE-2022-21455 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...
SUSE CVE-2020-26237
Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow use...
CVE-2022-26237
The default privileges for the running service Normand Viewer Service in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...
CVE-2022-26237
CVE-2022-26237 affects Beckman Coulter Remisol Advance (v2.0.12.1 and prior) via the Normand Viewer Service. The default privileges for this service allow non-privileged users to overwrite and manipulate executables and libraries, enabling access to sensitive data. No patch/version remediation is...
CVE-2021-26237
creationtimestamp| type| source ---|---|--- 2021-03-18 17:32:29+00:00| seen| https://t.me/cibsecurity/25109...
CVE-2021-26237
FastStone Image Viewer
[SECURITY] [DLA 2511-1] highlight.js security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2511-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz December 30, 2020 https://wiki.debian.org/LTS -...
CVE-2020-26237
Highlight.js vulnerability CVE-2020-26237: Prototype Pollution in versions before 9.18.2 and 10.1.2 (and older); a malicious HTML block could pollute Object.prototype during highlighting. Upstream fixes exist in 9.18.2+, 10.1.2+, and newer. Debian/OSS advisories also reference updates; remediatio...
musicme.com XSS vulnerability
Vulnerable URL: https://www.musicme.com/Tjindjara/videos%3C!%27/%22//%27//%22/--%3E%3C/Script%3E%3CImage%20Srcset=K%20/;%20Onerror=confirm%60OPENBUGBOUNTY%60%20//%3E/Wessel-S-&-Lf-Project-Ft.-Tjindjara---Alive-Preview-4B677A455F2D6856376A34.html/ Details: Description| Value ---|--- Patched:| Yes,...