2470 matches found
PT-2026-45824
Name of the Vulnerable Software and Affected Versions SolarWinds Web Help Desk affected versions not specified Description A denial-of-service issue exists where exploitation could cause the server to crash due to insufficient memory. Recommendations At the moment, there is no information about a...
Cisco Desk Phone 9841 and 9851 Remote Code Execution Vulnerability (regreSSHion) (cisco cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco Desk Phone 9841 and 9851 are affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Desk Phone 9841 and 9851 due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime...
VulnCheck KEV: CVE-2025-40554
SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, could allow an attacker to invoke specific actions within Web Help Desk...
SpringBlade 跨站脚本漏洞
SpringBlade is a microservices development platform developed by Blade China. Version 4.8.0 of SpringBlade contains a cross-site scripting vulnerability. This vulnerability stems from the /api/blade-desk/notice/submit endpoint, where a stored cross-site script exists. This could allow attackers t...
CVE-2026-36763
The CVE-2026-36763 entry describes a stored XSS in SpringBlade v4.8.0, exploitable via the /api/blade-desk/notice/submit endpoint by injecting crafted input into the content parameter. The NVD entry confirms the issue and lists a CVSS v3.1 base score of 6.1 (Medium) with network attack vector, lo...
PT-2026-36152
A stored cross-site scripting XSS vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted input into the content parameter...
CVE-2025-67223
The Aranda File Server AFS component in Aranda Software Aranda Service Desk before 8.3.12 stores daily activity logs with predictable names in a publicly accessible directory, which allows unauthenticated remote attackers to obtain direct virtual paths of uploaded files and bypass access controls...
CVE-2025-67223
The Aranda File Server AFS component in Aranda Software Aranda Service Desk before 8.3.12 stores daily activity logs with predictable names in a publicly accessible directory, which allows unauthenticated remote attackers to obtain direct virtual paths of uploaded files and bypass access controls...
Aranda Service Desk 安全漏洞
Aranda Service Desk is an IT service management and helpdesk system provided by the American company Aranda. Versions of Aranda Service Desk prior to 8.3.12 contained security vulnerabilities. These vulnerabilities stemmed from the Aranda File Server component storing daily activity logs in a...
CVE-2025-67223
The CVE concerns the Aranda File Server (AFS) component in Aranda Software Aranda Service Desk prior to 8.3.12. It stores daily activity logs with predictable names in a publicly accessible directory, enabling unauthenticated remote attackers to obtain direct virtual paths to uploaded files and b...
CVE-2026-3837
An authenticated attacker can persist crafted values in multiple field types and trigger client-side script execution when another user opens the affected document in Desk. The vulnerable formatter implementations interpolate stored values into raw HTML attributes and element content without...
BrowserTools MCP 命令注入漏洞
BrowserTools MCP is an open-source browser monitoring and AI interaction tool developed by AgentDeskAI. Versions of BrowserTools MCP 1.2.0 and earlier contained a command injection vulnerability, which stemmed from the os command injection present in the browser-tools-server/browser-connector.ts...
EUVD-2026-25088
An authenticated attacker can persist crafted values in multiple field types and trigger client-side script execution when another user opens the affected document in Desk. The vulnerable formatter implementations interpolate stored values into raw HTML attributes and element content without...
CVE-2026-3837
An authenticated attacker can persist crafted values in multiple field types and trigger client-side script execution when another user opens the affected document in Desk. The vulnerable formatter implementations interpolate stored values into raw HTML attributes and element content without...
CVE-2026-3837
CVE-2026-3837 – Frappe Framework 16.10.0 : An authenticated attacker can store crafted values in multiple field formatters and cause client-side script execution when another user opens the affected document in Desk. The issue arises because the vulnerable formatters interpolate stored values int...
CVE-2026-3837 Frappe Framework 16.10.0 - Stored DOM XSS in Multiple Field Formatters
An authenticated attacker can persist crafted values in multiple field types and trigger client-side script execution when another user opens the affected document in Desk. The vulnerable formatter implementations interpolate stored values into raw HTML attributes and element content without...
CVE-2026-3837 Frappe Framework 16.10.0 - Stored DOM XSS in Multiple Field Formatters
An authenticated attacker can persist crafted values in multiple field types and trigger client-side script execution when another user opens the affected document in Desk. The vulnerable formatter implementations interpolate stored values into raw HTML attributes and element content without...
PT-2026-34557
Name of the Vulnerable Software and Affected Versions Frappe version 16.10.0 Description An authenticated attacker can persist crafted values in multiple field types to trigger client-side script execution when another user opens the affected document in Desk. This occurs because vulnerable...
CVE-2026-40568
FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a stored cross-site scripting XSS vulnerability in the mailbox signature feature. The sanitization function Helper::stripDangerousTags app/Misc/Helper.php:568 uses an incomplete blocklist of only four HTM...
EUVD-2026-24173
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, the loadcustomerinfo action in POST /conversation/ajax returns complete customer profile data to any authenticated user without verifying mailbox access. An attacker only needs a valid email address to retriev...