753 matches found
CVE-2025-3000 vulnerabilities
Vulnerabilities for packages: open-webui...
CVE-2026-12620
The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...
CVE-2026-12619
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip GridTime 3000 allows Cross-Site Scripting XSS. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...
EUVD-2026-38041
The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...
CVE-2026-12620
The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...
CVE-2026-12620 Access Token Exposure in URL Parameters in GridTime™ 3000 GNSS Time Server
The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...
CVE-2026-12620
The CVE affects GridTime 3000 GNSS Time Server versions 1.0r0.03 through 1.1r0.0, where an access token is leaked in the URL parameters of certain endpoints. The issue is documented by NVD/CVE entries for CVE-2026-12620, with an attack surface described as NETWORK, requiring HIGH privileges and A...
CVE-2026-12621 Cross-Site Scripting (XSS) Vulnerability in Password Reset Redirect in GridTime™ 3000 GNSS Time Server
Improper neutralization of input during web page generation XSS vulnerability in the GridTime 3000 password reset form allows XSS. This issue affects GridTime 3000: from 1.0r0.03 before 1.2r0.0...
CVE-2026-12621 Cross-Site Scripting (XSS) Vulnerability in Password Reset Redirect in GridTime™ 3000 GNSS Time Server
Improper neutralization of input during web page generation XSS vulnerability in the GridTime 3000 password reset form allows XSS. This issue affects GridTime 3000: from 1.0r0.03 before 1.2r0.0...
CVE-2026-12621
GridTime 3000 GNSS Time Server Password Reset form is vulnerable to XSS due to improper neutralization of input during web page generation. Affected from 1.0r0.03 up to, but not including, 1.2r0.0. Base CVSS v4 score is 5.3 (Medium). No exploitation details are provided in the documents; no remed...
EUVD-2026-38039
The GridTime 3000 GNSS Time Server has an open redirect vulnerability in the password change form submission. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...
CVE-2026-12622 Open Redirect Vulnerability in Password Reset Submission in GridTime™ 3000 GNSS Time Server
The GridTime 3000 GNSS Time Server has an open redirect vulnerability in the password change form submission. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...
CVE-2026-12622 Open Redirect Vulnerability in Password Reset Submission in GridTime™ 3000 GNSS Time Server
The GridTime 3000 GNSS Time Server has an open redirect vulnerability in the password change form submission. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...
CVE-2026-12622
The GridTime 3000 GNSS Time Server presents an open redirect vulnerability in its password change form submission affecting versions 1.0r0.03 through 1.1r0.0. The issue is described as an open redirect in the password change flow; no further exploitation details, impact scope, or remediation are ...
EUVD-2026-38038
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip GridTime 3000 allows Cross-Site Scripting XSS. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...
CVE-2026-12619 GridTime™ 3000 GNSS Time Server CSRF to XSS
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip GridTime 3000 allows Cross-Site Scripting XSS. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...
CVE-2026-12619
The CVE-2026-12619 entry concerns Microchip GridTime 3000 GNSS Time Server, where an improper neutralization during web page generation enables Cross-Site Scripting (XSS). A CSRF-to-XSS chain affects GridTime 3000 versions 1.0r0.03–1.1r0.0. Exploit maturity is listed as ATTACKED, indicating in-th...
PT-2026-50945
Name of the Vulnerable Software and Affected Versions GridTime 3000 versions 1.0r0.03 through 1.1r0.0 Description Improper neutralization of input during web page generation allows for Cross-Site Scripting XSS, a condition where malicious scripts are injected into trusted websites. Recommendation...
PT-2026-50947
Name of the Vulnerable Software and Affected Versions GridTime 3000 versions 1.0r0.03 through 1.2r0.0 Description Improper neutralization of input during web page generation in the password reset form allows Cross-Site Scripting XSS, a condition where malicious scripts are injected into trusted...
CVE-2025-3000 vulnerabilities
Vulnerabilities for packages: py3-torch-cuda-12.6, py3-torch-cuda-12.9, nemo, py3-torch-cuda-13.0, py3-torch-cuda-12.8, open-webui, py3-torch-cuda-13.1, py3-torch-cuda-13.3, py3-torch-cuda-13.2, py3-torch-cuda-12.4...