2341 matches found
CVE-2025-20155
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is firs...
CVE-2025-20155
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is firs...
CVE-2025-20155
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is firs...
Cisco IOS XE Software Bootstrap Arbitrary File Write Vulnerability
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is firs...
GHSA-QV97-5QR8-2266 Mithril snapshots for Cardano database could be compromised by an adversary
Impact Mithril certification of Cardano database The Mithril network provides certification for snapshots of the Cardano database, enabling users to quickly bootstrap a Cardano node without relying on the slower peer-to-peer synchronization process. To generate a multi-signature, a minimum...
Cisco IOS XE Software Bootstrap Arbitrary File Write (cisco-sa-bootstrap-KfgxYgdh)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient...
CVE-2025-3901
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting XSS.This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4...
CVE-2025-3901
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting XSS.This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4...
CVE-2025-3901
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting XSS.This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4...
CVE-2025-3901 Bootstrap Site Alert - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-042
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting XSS.This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4...
CVE-2025-3901
The CVE-2025-3901 entry concerns the Drupal Bootstrap Site Alert module, where improper input neutralization in web page generation enables Cross-Site Scripting (XSS). Affected versions are Drupal Bootstrap Site Alert 0.0.0 up to 1.12.0 and 3.0.0 up to 3.0.3. The root cause is unsafe handling of ...
CVE-2025-3901 Bootstrap Site Alert - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-042
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting XSS.This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4...
DRUPAL-CONTRIB-2025-042
This module enables you to put a site wide bootstrap themed alert message on the top of every page. The module doesn't sufficiently filter text input when leading to a possible XSS attacks. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administ...
Drupal Bootstrap Site Alert module < 1.13.0,3.0.0-3.0.3 - Unauthenticated Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS vulnerability discovered by Mitch Portier arkener in WordPress Module Bootstrap Site Alert versions 1.13.0,3.0.0-3.0.3...
Drupal Bootstrap Site Alert 安全漏洞
Drupal Bootstrap Site Alert is a module plugin in the Drupal content management system for the Drupal community. A security vulnerability exists in Drupal Bootstrap Site Alert versions prior to 1.13.0 and 3.0.x versions prior to 3.0.4, which stems from improper input neutralization and could lead...
PT-2025-17657 · Drupal · Drupal Bootstrap Site Alert
Name of the Vulnerable Software and Affected Versions: Drupal Bootstrap Site Alert versions 0.0.0 through 1.12.0 Drupal Bootstrap Site Alert versions 3.0.0 through 3.0.3 Description: The issue affects Drupal Bootstrap Site Alert, allowing Cross-Site Scripting XSS due to improper neutralization of...
Bootstrap Site Alert - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-042
This module enables you to put a site wide bootstrap themed alert message on the top of every page. The module doesn't sufficiently filter text input when leading to a possible XSS attacks. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administ...
[SECURITY] [DLA 4125-1] twitter-bootstrap4 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4125-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès April 13, 2025 https://wiki.debian.org/LTS -...
CVE-2025-32672
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in g5theme Ultimate Bootstrap Elements for Elementor ultimate-bootstrap-elements-for-elementor allows PHP Local File Inclusion.This issue affects Ultimate Bootstrap Elements for...
Debian dla-4125 : libjs-bootstrap4 - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4125 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4125-1 [email protected] https://www.debian.org/lts/security/...