Exploit for Observable Discrepancy in Openbsd Openssh
Advanced Exploit Finder A comprehensive penetration testing t...
CVE-2025-8459
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Monitoring recurrent downtime scheduler modules) allows Stored XSS. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from 24.04.0 before 24.04.18,...
EUVD-2025-34226
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (ACL Action access configuration modules) allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from...
CVE-2025-54891 A user with elevated privileges can inject XSS in the ACL Resource Access configuration page
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (ACL Resource access configuration modules) allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, fr...
EUVD-2025-34220
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (SNMP traps manufacturer configuration modules) allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13...
Flowise Security Vulnerability
Flowise is a FlowiseAI open source tool for easily building LLM applications. A security vulnerability exists in Flowise, which stems from improper use of integration modules in the nodevm execution environment and could allow an authenticated attacker to bypass sandbox restrictions and execute...
Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2025-2207)
The remote host is missing an update for the Huawei EulerOS...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
CVE-2025-32463 POC Proof-of-concept exploit CVE-2025-32463...
EUVD-2025-33788
Vulnerability in Drupal Synchronize composer.Json With Contrib Modules. This issue affects Synchronize composer.Json With Contrib Modules:...
CVE-2025-9552
Vulnerability in Drupal Synchronize composer.Json With Contrib Modules. This issue affects Synchronize composer.Json With Contrib Modules:...
CVE-2025-9552 Synchronize composer.json With Contrib Modules - Critical - Unsupported - SA-CONTRIB-2025-102
Vulnerability in Drupal Synchronize composer.Json With Contrib Modules. This issue affects Synchronize composer.Json With Contrib Modules:...
CVE-2025-9552
CVE-2025-9552 concerns the Drupal module Synchronize composer.Json With Contrib Modules. Public descriptions in connected documents indicate a vulnerability affecting the module in general (versions not specified). The NVD/NVD-derived metrics show a CVSS 3.1 base score of 5.3 (Medium) with an at...
CVE-2025-11549
A vulnerability has been found in Tenda W12 3.0.0.63948. The affected element is the function wifiMacFilterSet of the file /goform/modules of the component HTTP Request Handler. The manipulation of the argument mac leads to stack-based buffer overflow. The attack is possible to be carried out...
Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerabilities
Upstream kernel version 6.6.105 fixes bugs and vulnerabilities. The kmod-virtualbox & kmod-xtables-addons packages have been updated to work with this new kernel. The newer meta-task and mageia-repos packages are required to simplify the correct installation of the kernel-stable-userspace-headers...
EUVD-2025-33722
Stored HTML injection in RISE Ultimate Project Manager & CRM allows authenticated users to inject arbitrary HTML into invoices and messages. Injected content renders in emails, PDFs, and messaging/chat modules sent to clients or team members, enabling phishing, credential theft, and business emai...
Drupal Synchronize composer.Json With Contrib Modules Security Vulnerability
Drupal Synchronize composer.Json With Contrib Modules is a module management plugin for the Drupal community. A security vulnerability exists in Drupal Synchronize composer.Json With Contrib Modules, which stems from an issue when synchronizing composer.Json with contributed modules...
PT-2025-41620
Name of the Vulnerable Software and Affected Versions: Drupal Synchronize composer.Json With Contrib Modules versions . Description: A flaw exists in Drupal Synchronize composer.Json With Contrib Modules. The specific nature of the issue is not detailed in the provided information. Recommendations ...
CVE-2025-11550
A vulnerability was found in Tenda W12 3.0.0.63948. The impacted element is the function wifiScheduledSet of the file /goform/modules of the component HTTP Request Handler. The manipulation of the argument wifiScheduledSet results in null pointer dereference. The attack may be performed from...