EUVD-2026-33398

Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks...

CVE-2026-44611

CVE-2026-44611 affects Danelec MacGregor Voyage Data Recorder. The password storage uses a hashing method that limits password length and is susceptible to brute-force attacks, potentially compromising authentication. According to the provided metrics, the vulnerability has a CVSS base score arou...

CVE-2024-38501

An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device...

CVE-2024-38501

An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device...

CVE-2024-38501

CVE-2024-38501 affects Pepperl+Fuchs Device Master ICDM-RX (gateway devices). An unauthenticated remote attacker can exploit a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device. The primary sources describe the vul...

CVE-2024-37347 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06

There is a cross-site scripting vulnerability in the pool configuration component of the management UI of Absolute Secure Access prior to 13.06. Attackers with system administrator permissions can pass a limited length script to be run by another administrator. The scope is unchanged, there is no...

CVE-2024-37343 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06

There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.06. Attackers with valid tunnel credentials can pass a limited-length script to the administrative console which is then temporarily stored where an administrato...

recherche-collection-search.bac-lac.gc.ca Cross Site Scripting vulnerability OBB-3178473

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

xn--ces30xxjez9pl3t.tw XSS vulnerability

Open Bug Bounty ID: OBB-531324 Description| Value ---|--- Affected Website:| xn--ces30xxjez9pl3t.tw Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated...