21 matches found
RockyLinux 9 : hplip (RLSA-2026:26297)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26297 advisory. HPLIP: HPLIP: Privilege escalation and arbitrary code execution via operating system command injection CVE-2026-8632 HPLIP: HPLIP: Arbitrary code...
MAL-2025-26297 Malicious code in microcode (npm)
The package microcode was found to contain malicious code...
CVE-2023-26297
Previous versions of HP Device Manager prior to HPDM 5.0.10 could potentially allow command injection and/or elevation of privileges...
CVE-2024-26297
creationtimestamp| type| source ---|---|--- 2024-02-27 23:26:38+00:00| seen| https://t.me/ctinow/194943 2024-02-27 23:26:54+00:00| seen| https://t.me/ctinow/194954...
CVE-2024-26297
CVE-2024-26297 affects Aruba ClearPass Policy Manager’s web-based management interface. The vulnerability allows remote authenticated users to execute arbitrary commands as root on the underlying OS, enabling complete system compromise. Technical details in the connected documents confirm the aff...
CVE-2023-26297
creationtimestamp| type| source ---|---|--- 2023-06-13 02:19:31+00:00| seen| https://t.me/cibsecurity/65148...
CVE-2023-26297
Previous versions of HP Device Manager prior to HPDM 5.0.10 could potentially allow command injection and/or elevation of privileges...
CVE-2023-26297
HP Device Manager (HPDM) versions prior to 5.0.10 have a vulnerability allowing command injection and/or elevation of privileges. This CVE is corroborated across multiple sources, which identify HPDM 5.0.10 as the fixed version. The CVSS v3.1 base score is 8.8 ( HIGH ) with network attack vector,...
CVE-2023-26297
Previous versions of HP Device Manager prior to HPDM 5.0.10 could potentially allow command injection and/or elevation of privileges...
GHSA-GX5W-RRHP-F436 XSS in mdBook
This is a cross-post of the official security advisoryml. The official post contains a signed version with our PGP key, as well. ml: https://groups.google.com/g/rustlang-security-announcements/c/3-sO6of29O0 The Rust Security Response Working Group was recently notified of a security issue affecti...
XSS in mdBook
This is a cross-post of the official security advisoryml. The official post contains a signed version with our PGP key, as well. ml: https://groups.google.com/g/rustlang-security-announcements/c/3-sO6of29O0 The Rust Security Response Working Group was recently notified of a security issue affecti...
FreeBSD : mdbook -- XSS in mdBook's search page (40b481a9-9df7-11eb-9bc3-8c164582fbac)
Rust Security Response Working Group reports : The search feature of mdBook introduced in version 0.1.4 was affected by a cross site scripting vulnerability that allowed an attacker to execute arbitrary JavaScript code on an user's browser by tricking the user into typing a malicious search query...
Kubernetes: XSS on kubernetes-csi.github.io (mdBook)
Report Submission Form Summary: Hi, I have recently found XSS vulnerability in mdBook CVE-2020-26297, fixed and disclosed on 4th January 2020. The details were published in a security advisory here: https://blog.rust-lang.org/2021/01/04/mdbook-security-advisory.html I did a quick recon and found ...
CVE-2020-26297
creationtimestamp| type| source ---|---|--- 2021-01-04 23:25:10+00:00| seen| https://t.me/cibsecurity/21556...
CVE-2020-26297 XSS in mdBook's search page
mdBook is a utility to create modern online books from Markdown files and is written in Rust. In mdBook before version 0.4.5, there is a vulnerability affecting the search feature of mdBook, which could allow an attacker to execute arbitrary JavaScript code on the page. The search feature of mdBo...
CVE-2020-26297
CVE-2020-26297 affects mdBook, a Rust-based tool for building online books. The vulnerability is a cross-site scripting flaw in the search feature (introduced in 0.1.4) that could allow an attacker to execute arbitrary JavaScript in a user’s browser via a malicious search query or a crafted link....
RUSTSEC-2021-0001 XSS in mdBook's search page
This is a cross-post of the official security advisoryml. The official post contains a signed version with our PGP key, as well. ml: https://groups.google.com/g/rustlang-security-announcements/c/3-sO6of29O0 The Rust Security Response Working Group was recently notified of a security issue affecti...
cargo-errorbook (>=0.0.1 <=0.0.2), cautious-octo-funicular (>=0.1.4 <=0.1.5) +117 more potentially affected by CVE-2020-26297 via mdbook (>=0.2.3 <=0.4.22)
mdbook CARGO version =0.2.3, =0.0.1, =0.1.4, =1.0.0, =0.2.6, =1.0.0, =0.2.0, =0.1.0, =0.1.0, =0.1.2, =0.0.1, =0.1.0, =1.0.0, =0.1.0, =1.0.0 and more Source cves: CVE-2020-26297 Source advisory: OSV:RUSTSEC-2021-0001...
XSS in mdBook's search page
This is a cross-post of the official security advisoryml. The official post contains a signed version with our PGP key, as well. ml: https://groups.google.com/g/rustlang-security-announcements/c/3-sO6of29O0 The Rust Security Response Working Group was recently notified of a security issue affecti...
CVE-2026-26297
...