20 matches found
Opensis-Classic 8.0 - Cross-Site Scripting
Opensis-Classic Version 8.0 is affected by cross-site scripting. An unauthenticated user can inject and execute JavaScript code through the link_url parameter in Ajax_url_encode.php.
id: CVE-2021-40542
info:
  name: Opensis-Classic 8.0 - Cross-Site Scripting
  author: alph4byt3
  severity: medium...
CVE-2026-40542 vulnerabilities
Vulnerabilities for packages: dependency-track, apache-nifi, opensearch, trino...
CVE-2026-40542 vulnerabilities
Vulnerabilities for packages: dependency-track-apiserver, pinot-fips, pinot, dependency-track, apache-nifi, trino, opensearch, opensearch-fips...
Linux Distros Unpatched Vulnerability : CVE-2026-40542
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing critical step in authentication in Apache HttpClient 5.6 allows an attacker to cause the client to accept SCRAM-SHA-256 authentication without proper...
org.apache.httpcomponents.client5:httpclient5-cache (=5.6-alpha1), org.apache.httpcomponents.client5:httpclient5-fluent (=5.6-alpha1) +2 more potentially affected by CVE-2026-40542 via org.apache.httpcomponents.client5:httpclient5 (=5.6-alpha1)
org.apache.httpcomponents.client5:httpclient5 MAVEN version =5.6-alpha1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.httpcomponents.client5:httpclient5 and may be impacted: - org.apache.httpcomponents.client5:httpclient5-cache =5.6-alpha1...
org.apache.httpcomponents.client5:httpclient5-cache (=5.6-alpha1), org.apache.httpcomponents.client5:httpclient5-fluent (=5.6-alpha1) +2 more potentially affected by CVE-2026-40542 via org.apache.httpcomponents.client5:httpclient5 (=5.6-alpha1)
org.apache.httpcomponents.client5:httpclient5 MAVEN version =5.6-alpha1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.httpcomponents.client5:httpclient5 and may be impacted: - org.apache.httpcomponents.client5:httpclient5-cache =5.6-alpha1...
CVE-2026-40542
creationtimestamp | type | source
---|---|---
2026-04-22 08:24:50+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mk333xsffz2e
2026-04-22 15:24:25+00:00 | seen | https://bsky.app/profile/infosec.skyfleet.blue/post/3mk3skbh6ht2h
2026-04-22 17:24:29+00:00 | seen | ...
UBUNTU-CVE-2026-40542
Missing critical step in authentication in Apache HttpClient 5.6 allows an attacker to cause the client to accept SCRAM-SHA-256 authentication without proper mutual authentication verification. Users are recommended to upgrade to version 5.6.1, which fixes this issue...
CVE-2026-40542
Missing critical step in authentication in Apache HttpClient 5.6 allows an attacker to cause the client to accept SCRAM-SHA-256 authentication without proper mutual authentication verification. Users are recommended to upgrade to version 5.6.1, which fixes this issue...
CVE-2026-40542 Apache HttpClient: SCRAM-SHA-256 mutual authentication bypass may cause the client to accept authentication without proper mutual authentication verification
Missing critical step in authentication in Apache HttpClient 5.6 allows an attacker to cause the client to accept SCRAM-SHA-256 authentication without proper mutual authentication verification. Users are recommended to upgrade to version 5.6.1, which fixes this issue...
CVE-2024-40542
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/role?offset...
CVE-2024-40542
creationtimestamp | type | source
---|---|---
2024-07-12 19:27:02+00:00 | seen | https://t.me/cvedetector/774...
F5 Networks BIG-IP TCP profile vulnerability (K000134652)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0 / 16.1.4 / 15.1.9. It is, therefore, affected by a vulnerability as referenced in the K000134652 advisory. When TCP Verified Accept is enabled on a TCP profile that is configured on a virtual server, undisclosed...
CVE-2023-40542
creationtimestamp | type | source
---|---|---
2023-10-10 16:16:56+00:00 | seen | https://t.me/cibsecurity/71933...
CVE-2023-40542 BIG-IP TCP Profile vulnerability
When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2023-40542
CVE-2023-40542 affects F5 BIG-IP: when TCP Verified Accept is enabled on a TCP profile configured on a virtual server, undisclosed requests can cause unbounded memory growth, degrading system performance and potentially triggering a denial of service as the TMM process restarts. The advisory (K00...
K000134652: BIG-IP TCP profile vulnerability CVE-2023-40542
Security Advisory Description: When TCP Verified Accept is enabled on a TCP profile that is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. (CVE-2023-40542) Impact: System performance can degrade until the Traffic Management Microkernel (TMM)...
CVE-2021-40542
creationtimestamp | type | source
---|---|---
2021-10-11 16:23:31+00:00 | seen | https://t.me/cibsecurity/30335
2023-04-27 09:58:59+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-40542.yaml...
CVE-2021-40542
Opensis-Classic 8.0 is affected by a Cross-Site Scripting (XSS) vulnerability via the link_url parameter in Ajax_url_encode.php. An unauthenticated attacker can inject and execute JavaScript in users’ browsers. The relevant connected data confirms affected software/version and the vulnerable para...
CVE-2022-40542
CVE-2022-40542 is rejected/not used per description; this ID does not represent an active vulnerability entry.