Automated Logic WebCTRL Premium Server Improper Neutralization of Input During Web Page Generation (CVE-2024-8528)

CWE-79 Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. User input is not properly sanitized, allowing injection of malicious scripts into web pages viewed by...

MINI-8528-FC62-GXX9

Bulletin has no description...

CVE-2026-8528 vulnerabilities

Vulnerabilities for packages: chromium...

Chromium: CVE-2026-8528 Insufficient validation of untrusted input in SiteIsolation

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-8528

Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass Site Isolation via a crafted HTML page. Chromium security severity: High...

MINI-R526-8528-HFMJ

Bulletin has no description...

MINI-VJJR-8528-G62X

Bulletin has no description...

CVE-2024-8528

creationtimestamp| type| source ---|---|--- 2025-11-20 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-324-01...

MAL-2025-8528 Malicious code in @malware-test-burke-fixed-azine-takas/test-mlw3-burke-fixed-azine-takas (npm)

The package @malware-test-burke-fixed-azine-takas/test-mlw3-burke-fixed-azine-takas was found to contain malicious code...

CVE-2025-8528 Exrick xboot getMenuList sensitive information in a cookie

A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is an unknown function of the file /xboot/permission/getMenuList. The manipulation leads to cleartext storage of sensitive information in a cookie. It is possible to launch the attack remotely. The...

CVE-2025-8528 Exrick xboot getMenuList sensitive information in a cookie

A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is an unknown function of the file /xboot/permission/getMenuList. The manipulation leads to cleartext storage of sensitive information in a cookie. It is possible to launch the attack remotely. The...

CVE-2025-8528

CVE-2025-8528 affects Exrick xboot up to 3.3.4. An issue in the function at /xboot/permission/getMenuList allows manipulation that stores sensitive information in cleartext in a cookie. The vulnerability can be exploited remotely with high attack complexity and no user interaction. Confidentialit...

CVE-2019-8528

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges...

RHEL 9 : pki-servlet-engine (RHSA-2024:8528)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8528 advisory. Tomcat is the servlet engine that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java...

Important: Red Hat Security Advisory: pki-servlet-engine security update

An update for pki-servlet-engine is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2019-8528

CVE-2019-8528 describes a use-after-free vulnerability in Apple's kernel code that could allow an attacker to execute arbitrary code with kernel privileges. The initial entry notes the issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 for High Sierra and Sierra, and iO...

CVE-2016-8528

A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found...

CVE-2016-8528

A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found...

CVE-2016-8528

CVE-2016-8528 describes a Remote Escalation of Privilege in HP Helion Eucalyptus versions 3.3.0 through 4.3.1. The vulnerability affects the Eucalyptus component stack, enabling an unauthenticated or low-privileged attacker to escalate privileges over the network (as indicated by the NVD CVSS3 ve...

Remote code execution

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013 SP1, Skype for...