16 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-47762
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability via forged mce:protected comments. Allows...
Linux Distros Unpatched Vulnerability : CVE-2026-47761
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability in the media plugin. Attackers can inject...
UBUNTU-CVE-2026-47762
TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability via forged mce:protected comments. Allows attackers to bypass sanitization and inject scripts that execute when content is restored. Impacts users who utilize the protect option. Thi...
CVE-2026-47761 TinyMCE Cross-Site Scripting (XSS) vulnerability using media plugin `data-mce-object` injection
TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability in the media plugin. Attackers can inject malicious scripts via crafted data-mce- attributes, which are executed when content is rendered. Impacts users of TinyMCE with the media...
PT-2026-44390
Name of the Vulnerable Software and Affected Versions: TinyMCE versions prior to 5.11.1; TinyMCE versions prior to 7.9.3; TinyMCE versions prior to 8.5.1. Description: A stored Cross-Site Scripting (XSS) issue exists in the media plugin. Attackers can inject malicious scripts using specially crafted...
com.aconex.scrutineer:scrutineer (>=6.8.13-1 <=7.9.3), com.bbossgroups.plugins:bboss-elasticsearch (>=5.0.3.7.4 <=6.2.0) +21 more potentially affected by CVE-2025-68390 via org.elasticsearch.plugin:x-pack-core (>=6.8.11 <=7.9.3)
org.elasticsearch.plugin:x-pack-core MAVEN version =6.8.11, =6.8.13-1, =5.0.3.7.4, =5.0.3.6, =5.1.1, =5.1.1, =0.3.11, =0.3.11, =2.0.0, =3.3.0, =6.2.2.0, =1.0, =1.2.0, =1.6.1 and more Source cves: CVE-2025-68390 Source advisory: OSV:GHSA-GPHJ-4H6P-37XQ...
com.aconex.scrutineer:scrutineer (=7.9.3), org.elasticsearch.client:x-pack-transport (>=7.8.1 <=7.9.3) potentially affected by CVE-2025-37731 via org.elasticsearch.plugin:x-pack-core (>=7.8.1 <=7.9.3)
org.elasticsearch.plugin:x-pack-core MAVEN version =7.8.1, =7.8.1, =7.9.3 Source cves: CVE-2025-37731 Source advisory: SNYK:JAVA-ORGELASTICSEARCHPLUGIN-14417581...
EUVD-2019-4475
Malware in sbrugna...
AgileBits 1Password Security Vulnerability
AgileBits 1Password For Mac is a password management software from AgileBits Canada. It is used to store a variety of different passwords. A security vulnerability exists in 1Password version 7.2.4 through versions prior to 7.9.3, which stems from the vulnerability of passwords to process...
CVE-2019-12897
Edraw Max 7.9.3 has a Read Access Violation at the Instruction Pointer after a call from ObjectModule!Paint::Clear+0x0000000000000074...
CVE-2019-12897
CVE-2019-12897 affects Edraw Max 7.9.3. The vulnerability is described as a Read Access Violation at the Instruction Pointer triggered after a call from ObjectModule!Paint::Clear+0x... (address provided). Connected sources corroborate this description across multiple feeds; no additional technica...
CVE-2019-12897
Edraw Max 7.9.3 has a Read Access Violation at the Instruction Pointer after a call from ObjectModule!Paint::Clear+0x0000000000000074...
CVE-2019-12896
Edraw Max 7.9.3 has Heap Corruption starting at ntdll!RtlpNtMakeTemporaryKey+0x0000000000001a77...
CVE-2019-12896
Summary: CVE-2019-12896 affects Edraw Max 7.9.3 and involves a heap corruption vulnerability. The specific trigger is described as corruption starting at ntdll!RtlpNtMakeTemporaryKey+0x1a77. Several connected sources (Red Hat, CNVD, NVD entry) confirm the software and version, with the issue iden...
CVE-2018-13401
CVE-2018-13401 affects Atlassian Jira. The vulnerability is an open-redirect issue in the XsrfErrorAction resource that lets remote attackers obtain a user’s CSRF token. Affected Jira versions are: before 7.6.9; 7.7.0–before 7.7.5; 7.8.0–before 7.8.5; 7.9.0–before 7.9.3; 7.10.0–before 7.10.3; 7.1...
Cross site scripting
Various resources in Atlassian Jira before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3 and before version 7.11.1 allow remote attackers to inject arbitrary HTML ...