19073 matches found
CVE-2026-7501 LinkStackOrg LinkStack UserController.php editPage cross site scripting
A weakness has been identified in LinkStackOrg LinkStack up to 4.8.6. Impacted is the function editPage of the file app/Http/Controllers/UserController.php. Executing a manipulation of the argument pageDescription can lead to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2026-7501
A weakness has been identified in LinkStackOrg LinkStack up to 4.8.6. Impacted is the function editPage of the file app/Http/Controllers/UserController.php. Executing a manipulation of the argument pageDescription can lead to cross site scripting. It is possible to launch the attack remotely. The...
EUVD-2026-26438
A weakness has been identified in LinkStackOrg LinkStack up to 4.8.6. Impacted is the function editPage of the file app/Http/Controllers/UserController.php. Executing a manipulation of the argument pageDescription can lead to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2026-7501 LinkStackOrg LinkStack UserController.php editPage cross site scripting
A weakness has been identified in LinkStackOrg LinkStack up to 4.8.6. Impacted is the function editPage of the file app/Http/Controllers/UserController.php. Executing a manipulation of the argument pageDescription can lead to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2026-7501
The CVE pertains to LinkStackOrg LinkStack (up to version 4.8.6). The vulnerability affects the editPage function in app/Http/Controllers/UserController.php, caused by manipulation of the pageDescription argument which enables cross-site scripting. Exploitation is possible remotely and public exp...
CVE-2026-7306
A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/OpenApiController.java of the component OpenAPI Endpoint. Such manipulation of the argument defaulttok...
LinkStack 授权问题漏洞
LinkStack is a unique platform developed by LinkStack OpenSource, offering efficient solutions for managing and sharing links online. Version 4.8.6 and earlier of LinkStack contained an authorization vulnerability. This vulnerability originated from the saveLink function in the Management Endpoin...
PT-2026-36191
Name of the Vulnerable Software and Affected Versions LinkStackOrg LinkStack versions prior to 4.8.7 Description A weakness in the editPage function within the app/Http/Controllers/UserController.php file allows for remote cross-site scripting XSS, which occurs when a user-supplied value is...
ovn: OVN: Information disclosure via crafted DHCPv6 packets
A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...
ovn: ovn: Heap Over-Read in ICMP Error Response Generation
When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...
ovn: OVN: Information disclosure via crafted DHCPv6 packets
A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...
ovn: OVN: Information disclosure via crafted DHCPv6 packets
A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...
Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources.
Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the application is configuring the resource chain support...
UBUNTU-CVE-2026-22741
Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the application is configuring the resource chain support...
EUVD-2026-26207
Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the application is serving static resources from...
EDAC/mc: Fix error path ordering in edac_mc_alloc()
...
CVE-2026-7306
A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/OpenApiController.java of the component OpenAPI Endpoint. Such manipulation of the argument defaulttok...
CVE-2026-7306 Xuxueli xxl-job OpenAPI Endpoint OpenApiController.java hard-coded key
A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/OpenApiController.java of the component OpenAPI Endpoint. Such manipulation of the argument defaulttok...
EUVD-2026-26150
A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/OpenApiController.java of the component OpenAPI Endpoint. Such manipulation of the argument defaulttok...
EUVD-2026-26148
A security flaw has been discovered in Xuxueli xxl-job up to 3.3.2. Impacted is the function logDetailCat of the file xxl-job-admin/src/main/java/com/xxl/job/admin/controller/biz/JobLogController.java of the component Execution Log Handler. The manipulation of the argument logId results in improp...