Important: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2025-31103

Untrusted data deserialization vulnerability exists in a-blog cms. Processing a specially crafted request may store arbitrary files on the server where the product is running. This can be leveraged to execute an arbitrary script on the server...

ForestBlog 安全漏洞

ForestBlog is a blogging system. A cross-site scripting vulnerability exists in ForestBlog 20250321 and earlier versions, which stems from the lack of effective filtering and escaping of user-supplied data by the parameter keywords, and can be exploited by an attacker to execute arbitrary Web...

RHEL 8 : libreoffice (RHSA-2025:3269)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3269 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a...

RHEL 8 : libreoffice (RHSA-2025:3265)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3265 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a...

RHEL 8 : libreoffice (RHSA-2025:3169)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3169 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a...

CVE-2025-27567

Cross-site scripting vulnerability exists in the NickName registration screen of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the configuration page or functions accessible only from t...

CVE-2025-27574

Cross-site scripting vulnerability exists in the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the configuration page or functions accessible only...

KDDI HGW BL1500HM 跨站脚本漏洞

The KDDI HGW BL1500HM is a home router from KDDI Japan. A cross-site scripting vulnerability exists in KDDI HGW BL1500HM 002.002.003 and earlier versions, which originates from cross-site scripting in the USB storage file sharing feature and could lead to the execution of arbitrary scripts...

Important: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update ...

Important: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update ...

Important: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Yonyou UFIDA ERP-NC 代码注入漏洞

Yonyou UFIDA ERP-NC is a kind of Enterprise Resource Planning ERP software, which is mainly used for financial management, supply chain management, production management and customer relationship management of enterprises. Yonyou UFIDA ERP-NC suffers from a cross-site scripting vulnerability that...

CVE-2025-29412

A cross-site scripting XSS vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

CVE-2025-29410

A cross-site scripting XSS vulnerability in the component /contact.php of Hospital Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the txtEmail parameter...

CVE-2025-29412

A cross-site scripting XSS vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

Hospital Management System 安全漏洞

Hospital Management System is a hospital management system by the individual developer Kishan Lal. A security vulnerability exists in Hospital Management System v1.0, which stems from a cross-site scripting vulnerability in the /contact.php component that could lead to the execution of arbitrary...

CVE-2025-29412

The CVE-2025-29412 entry identifies an XSS vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0. The issue arises from injected payloads in the Name parameter, enabling arbitrary web scripts or HTML execution. Affected component: iBanking v2.0.0, Client Profile Up...

CVE-2025-29410

CVE-2025-29410 is a documented XSS vulnerability in Hospital Management System v1.0, exploitable via the /contact.php component where a crafted payload injected into the txtEmail parameter can execute arbitrary script/HTML. Affected component: /contact.php; vulnerability type: XSS; CVSS v3.1 base...

CVE-2025-0833

A stored Cross-site Scripting XSS vulnerability affecting Route Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...