CVE-2026-37461

A flaw was found in gobgp. An out-of-bounds read vulnerability in the ParseIP6Extended function allows a remote attacker to cause a Denial of Service DoS by sending a specially crafted Border Gateway Protocol BGP UPDATE message. This can lead to the affected system becoming unresponsive...

Linux Distros Unpatched Vulnerability : CVE-2026-37461

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP...

EUVD-2025-37461

Malicious code in react-ui-animates npm...

CVE-2024-37461

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Martin Gibson IdeaPush allows Stored XSS.This issue affects IdeaPush: from n/a through 8.65...

CVE-2024-37461

creationtimestamp| type| source ---|---|--- 2024-07-22 01:05:07+00:00| seen| https://t.me/cvedetector/1363...

CVE-2024-37461 WordPress IdeaPush plugin <= 8.65 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Martin Gibson IdeaPush allows Stored XSS.This issue affects IdeaPush: from n/a through 8.65...

CVE-2024-37461 WordPress IdeaPush plugin <= 8.65 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Martin Gibson IdeaPush allows Stored XSS.This issue affects IdeaPush: from n/a through 8.65...

WordPress IdeaPush Plugin <= 8.65 is vulnerable to Cross Site Scripting (XSS)

Software IdeaPush Type Plugin Vulnerable versions = 8.65 Fixed in 8.66 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37461 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7db453746375 Credits piro Required privilege Unauthenticated...

CVE-2023-37461

creationtimestamp| type| source ---|---|--- 2023-07-18 00:45:31+00:00| seen| https://t.me/cibsecurity/66860...

CVE-2023-37461

CVE-2023-37461 affects Metersphere. The vulnerability arises from uploaded files that may set a related type to a relative path such as ../../../../, enabling a path-traversal that could overwrite or create files within the metersphere process’ accessible filesystem. This is constrained to files ...

CVE-2023-37461 Path traversal in metersphere

Metersphere is an opensource testing framework. Files uploaded to Metersphere may define a belongType value with a relative path like ../../../../ which may cause metersphere to attempt to overwrite an existing file in the defined location or to create a new file. Attackers would be limited to...

CVE-2022-37461

creationtimestamp| type| source ---|---|--- 2022-09-30 18:36:14+00:00| seen| https://t.me/cibsecurity/50773 2022-10-03 17:35:04+00:00| published-proof-of-concept| https://t.me/truesecator/3503...

CVE-2022-37461

Canon Medical Vitrea View is affected: XSS in Vitrea View 7.x before 7.7.6 can be triggered via the error subdirectory path or by parameters (groupID, offset, limit) in the Administrative Panel, potentially allowing access to patient information. Affected versions are 7.x up to 7.7.5; remediation...

CVE-2022-37461

Multiple cross-site scripting XSS vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via 1 the input after the error subdirectory to the /vitrea-view/error/ subdirectory, or the 2 groupID, 3 offset, or 4 limit parameter to a...

CVE-2021-37461

CVE-2021-37461 affects NCH Axon PBX, a virtual telephone switch, with a reflected XSS in /extensionsinstruction?id= where input is not properly filtered of special characters. Affects v2.22 and earlier. The provided documents do not specify a remediation version or patch status, exploit details, ...