
63 matches found

RedhatCVE
added 2026/01/09 12:34 p.m. · 6 views

CVE-2023-45280

Yamcs 5.8.6 allows XSS (issue 2 of 2). It comes with a Bucket as its primary storage mechanism. Buckets allow for the upload of any file. There's a way to upload an HTML file containing arbitrary JavaScript and then navigate to it. Once the user opens the file, the browser will execute the arbitrar...

CVSS 5.4 · AI score 6.2 · EPSS 0.01623
Exploits: 1 · References: 1

RedhatCVE
added 2026/01/09 9:28 a.m. · 3 views

CVE-2023-49179

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N.O.U.S. Open Useful and Simple Event post allows Stored XSS. This issue affects Event post: from n/a through 5.8.6...

CVSS 6.5 · AI score 6.7 · EPSS 0.00181
Exploits: 0 · References: 1

OSV
added 2025/12/10 10:7 a.m. · 7 views

RHSA-2025:22925 Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.6 release and security update

Bulletin has no description...

CVSS 7.5 · AI score 6.9 · EPSS 0.01022
Exploits: 5 · References: 21

VulnCheck KEV
added 2025/11/05 12:0 a.m. · 3 views

VulnCheck KEV: CVE-2021-26072

The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to manipulate the content of internal network resources via a blind Server-Side Request Forgery (SSRF) vulnerability...

CVSS 4.3 · AI score 5.8 · EPSS 0.17549
In wild · Exploits: 0 · References: 2

Vulnrichment
added 2025/10/30 9:32 p.m. · 1 views

CVE-2021-47694 Nagios XI < 5.8.6 Core Config Manager (CCM) Reflected XSS via Test Command

The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.4 / Nagios XI 5.8.6 contains a reflected cross-site scripting (XSS) vulnerability via the Test Command functionality. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary...

CVSS 5.1 · AI score 5.7 · EPSS 0.00501
Exploits: 0 · References: 2

RedhatCVE
added 2025/10/30 9:16 a.m. · 2 views

CVE-2025-64202

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TieLabs Sahifa sahifa allows DOM-Based XSS. This issue affects Sahifa: from n/a through 5.8.6...

CVSS 6.5 · AI score 6.3 · EPSS 0.00031
Exploits: 0 · References: 1

Positive Technologies
added 2025/10/30 12:0 a.m. · 1 views

PT-2025-44478

Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to CCM 3.1.4; Nagios XI versions prior to 5.8.6. Description: The Core Config Manager (CCM) in Nagios XI is subject to a reflected cross-site scripting (XSS) issue through the Test Command functionality. A lack of proper inpu...

CVSS 6.1 · AI score 6 · EPSS 0.00501
Exploits: 0 · References: 4

CNNVD
added 2025/10/29 12:0 a.m. · 2 views

WordPress plugin Sahifa security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security...

CVSS 6.5 · AI score 5.9 · EPSS 0.00031
Exploits: 0 · References: 1

Patchstack
added 2025/10/27 12:0 a.m. · 4 views

WordPress Sahifa Theme < 5.8.6 is vulnerable to Cross Site Scripting (XSS)

Software Sahifa Type Theme Vulnerable versions 5.8.6 Fixed in 5.8.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-64202 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 32bb45fc3f37 Credits João Pedro S Alcântara Kinorth Required privilege...

CVSS 6.5 · AI score 5.9 · EPSS 0.00031
Exploits: 0 · References: 1 · Affected Software: 1

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2023-2638

Malicious code in bioql PyPI...

CVSS 9.1 · AI score 9 · EPSS 0.02018
Exploits: 1 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2023-2824

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.5 · EPSS 0.01276
Exploits: 1 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2023-23837

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.6 · EPSS 0.00271
Exploits: 1 · References: 2

Snyk
added 2025/08/19 7:41 a.m. · 1 views

Improper Certificate Validation

Overview: Affected versions of this package are vulnerable to Improper Certificate Validation due to improper mTLS configuration handling. An attacker can exploit this misconfiguration to establish unauthorized connections to Redis instances that are intended to require client certificate...

CVSS 6 · AI score 5.9
Exploits: 0 · References: 2

Cvelist
added 2025/08/10 12:0 a.m. · 7 views

CVE-2025-52136

In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin's acceptability for later Dashboard installation is set b...

CVSS 3 · EPSS 0.00049
Exploits: 0 · References: 3

Positive Technologies
added 2025/07/21 12:0 a.m. · 1 views

PT-2025-30300 · Unknown · Hmailserver

Name of the Vulnerable Software and Affected Versions: hMailServer version 5.8.6 Description: An issue allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components. Recommendations: At the moment, there is no...

CVSS 5.1 · AI score 5.7 · EPSS 0.0011
Exploits: 1 · References: 7

Packet Storm
added 2025/06/17 12:0 a.m. · 322 views

EMQX 5.8.5 Remote Code Execution

A remote code execution vulnerability exists in the EMQX Dashboard component of EMQX, up to and including version 5.8.5. Authenticated users can upload plugins containing arbitrary code, including any kind of Erlang code, which may be executed on the server hosting the web interface. This is...

AI score 8.2
Exploits: 0

RedhatCVE
added 2025/05/23 3:58 a.m. · 5 views

CVE-2023-46471

Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via the text variable scriptContainer of the ScriptViewer...

CVSS 5.4 · AI score 7.4 · EPSS 0.00275
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/22 8:8 p.m. · 5 views

CVE-2021-38156

In Nagios XI before 5.8.6, XSS exists in the dashboard page /dashboards/ when administrative users attempt to edit a dashboard...

CVSS 5.4 · AI score 6 · EPSS 0.84015
Exploits: 1 · References: 1

RedHat Linux
added 2024/05/01 2:55 p.m. · 54 views

Moderate: Red Hat Security Advisory: security update Logging for Red Hat OpenShift - 5.8.6

Moderate Logging for Red Hat OpenShift - 5.8.6 Logging for Red Hat OpenShift - 5.8.6...

CVSS 7.8 · AI score 6.9 · EPSS 0.06469
Exploits: 5 · References: 6

CNNVD
added 2024/03/14 12:0 a.m. · 2 views

radare2 security vulnerability

radare2 is a set of libraries and tools for working with binaries. A security vulnerability exists in radare2 versions v.0.9.7 through v.5.8.6, which originated from a vulnerability that allows a local attacker to cause a denial of service via the grubsfsreadextent function...

CVSS 5.5 · AI score 6.4 · EPSS 0.00057
Exploits: 1 · References: 2