17 matches found
CVE-2025-26588
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gabrielperezs TTT Crop ttt-crop allows Reflected XSS. This issue affects TTT Crop: from n/a through <= 1.0...
CVE-2025-26588
CVE-2025-26588 describes a reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin TTT Crop. The Initial Description specifies a Reflected XSS affecting “NotFound TTT Crop” from n/a through 1.0. Connected documents corroborate the issue as a Reflected Cross Site Scripting vuln...
CVE-2025-26588 WordPress TTT Crop Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gabrielperezs TTT Crop ttt-crop allows Reflected XSS. This issue affects TTT Crop: from n/a through <= 1.0...
CVE-2024-26588
A flaw was found in the Linux kernel's implementation of the BPF JIT compiler for LoongArch CPUs. An instruction index is incorrectly calculated, leading to out-of-bounds memory access. This issue may allow an attacker with the privileges necessary to run BPF programs on systems with affected CPU...
CVE-2024-26588 affecting package kernel for versions less than 5.15.158.1-1
CVE-2024-26588 affecting package kernel for versions less than 5.15.158.1-1. A patched version of the package is available...
Ubuntu: Security Advisory (USN-6688-1)
The remote host is missing an update for the...
CVE-2024-26588
creationtimestamp | type | source
--- | --- | ---
2024-02-22 18:53:44+00:00 | seen | https://t.me/ctinow/191011...
CVE-2024-26588
CVE-2024-26588 – LoongArch: BPF: Prevent out-of-bounds memory access. Linux kernel BPF JIT compilation on LoongArch can fault while loading large BPF programs (e.g., 2039 insns) due to an out-of-bounds access during build_body/bpf_int_jit_compile sequence, triggering an unhandled page fault. The...
CVE-2024-26588 LoongArch: BPF: Prevent out-of-bounds memory access
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Prevent out-of-bounds memory access. The testtag test triggers an unhandled page fault: ./testtag 130.640218 CPU 0 Unable to handle kernel paging request at virtual address ffff80001b898004, era == 9000000003137f7c...
CVE-2023-26588
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...
CVE-2023-26588
Buffalo network devices are affected by CVE-2023-26588 due to hard-coded credentials, allowing an attacker to access the product’s debug function. Affected models/firmware (examples from the public records) include BS-GSL2024, BS-GSL2016P, BS-GSL2016, BS-GS2008, BS-GS2016, BS-GS2024, BS-GS2048, B...
CVE-2022-26588
creationtimestamp | type | source
--- | --- | ---
2022-04-09 00:13:36+00:00 | seen | https://t.me/cibsecurity/40421...
CVE-2022-26588
IceHrm 31.0.0.OS is affected by a CSRF vulnerability where the app/service.php endpoint lacks CSRF token validation. This allows an attacker to delete arbitrary users or achieve account takeover via the affected interface. Public sources (e.g., PacketStorm, Exploit-DB) describe an exploit path an...
CVE-2022-26588
A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary users or achieve account takeover via the app/service.php URI...
ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Deletion
Exploit Title: ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Deletion
Date: 29/03/2022
Exploit Author: Devansh Bordia
Vendor Homepage: https://icehrm.com/
Software Link: https://github.com/gamonoid/icehrm/releases/tag/v31.0.0.OS
Version: 31.0.0.OS
Tested on: Windows 10
CVE:...
CVE-2021-26588
creationtimestamp | type | source
--- | --- | ---
2021-10-11 20:24:50+00:00 | seen | https://t.me/cibsecurity/30356...
CVE-2021-26588
A potential security vulnerability has been identified in HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage array firmware. An unauthenticated user could remotely exploit the low complexity issue to execute code as administrator. This vulnerability impacts completely the...