CVE-2026-30918

facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4 , a reflected XSS occurs when an application receives data from an untrusted source and uses it in its HTTP responses in a way that could lead to vulnerabilities. It is possible to inject malicious...

facileManager 跨站脚本漏洞

facileManager is a modular web application developed by the facileManager company. Versions of facileManager prior to 6.0.4 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of data in the fmDNS module, which could lead to storage-based cross-site...

EUVD-2026-10431

facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4 , stored XSS also known as persistent or second-order XSS occurs when an application receives data from an untrusted source and includes that data in its subsequent HTTP responses in an unsafe manner. Thi...

CVE-2026-30919 facileManager Affected by Stored Cross-Site Scripting (XSS)

facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4 , stored XSS also known as persistent or second-order XSS occurs when an application receives data from an untrusted source and includes that data in its subsequent HTTP responses in an unsafe manner. Thi...

CVE-2026-30919

CVE-2026-30919 affects facileManager, specifically the fmDNS module. Before version 6.0.4, a stored XSS vulnerability exists where data from untrusted sources is reflected in HTTP responses in an unsafe manner. The CVSS v3.1 base score is 7.6 (High), with Network attack vector, Low attack complex...

CVE-2026-30918

facileManager (fmDNS module) before version 6.0.4 is affected by a reflected XSS. The vulnerability occurs when data from an untrusted source is injected via the log_search_query parameter and reflected in HTTP responses, potentially allowing malicious JavaScript execution. The issue is fixed in ...

EUVD-2026-10429

facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4 , a reflected XSS occurs when an application receives data from an untrusted source and uses it in its HTTP responses in a way that could lead to vulnerabilities. It is possible to inject malicious...

CVE-2026-30918 facileManager Affected by Reflected Cross-Site Scripting (XSS)

facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4 , a reflected XSS occurs when an application receives data from an untrusted source and uses it in its HTTP responses in a way that could lead to vulnerabilities. It is possible to inject malicious...

CVE-2026-30918 facileManager Affected by Reflected Cross-Site Scripting (XSS)

facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4 , a reflected XSS occurs when an application receives data from an untrusted source and uses it in its HTTP responses in a way that could lead to vulnerabilities. It is possible to inject malicious...

EUVD-2026-2685

An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. If an SRX Series device configured for DNS processing, receives a specifically formatted DNS request flowd will...

EUVD-2006-7036

Malware in sbrugna...

CVE-2023-21186

In LogResponse of Dns.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-261079188...

Node.js 12.x < 12.22.2 / 14.x < 14.17.2 / 16.x < 16.4.1 Multiple Vulnerabilities

The version of Node.js installed on the remote host is prior to 12.22.2, 14.17.2, 16.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the July 2021 Security Releases advisory. - Node.js is vulnerable to out-of-bounds read in libuv's uvidnatoascii function which is used...

[ASA-202107-36] libuv: information disclosure

Arch Linux Security Advisory ASA-202107-36 ========================================== Severity: Medium Date : 2021-07-20 CVE-ID : CVE-2021-22918 Package : libuv Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-2131 Summary ======= The package libuv before versi...

Node.js 12.x < 12.22.2, 14.x < 14.17.2, 16.x < 16.4.1 DoS Vulnerability - Mac OS X

Node.js is prone to a out of bounds read vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...

Siemens Nucleus Products DNS Module Predicts UDP Port Number Vulnerabilities

The Nucleus NET module includes a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device.Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for...

Siemens Nucleus Products DNS Module (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens --------- Begin Update A Part 1 of 3 --------- Equipment: Nucleus NET, Nucleus Source Code, Capital VSTAR --------- End Update A Part 1 of 3 --------- Vulnerabilities: Out-of-bounds Write, Use...

GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers

Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to hack users with malicious web pages—especially if they visit banking sites—and steal their login credentials. Dubbed...

glibc: getaddrinfo stack-based buffer overflow

A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note...

glibc: getaddrinfo stack-based buffer overflow

A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note...