CVE-2025-52036

A vulnerability has been found in NotesCMS and classified as medium. Affected by this vulnerability is the page /index.php?route=categories. The manipulation of the title of the service descriptions leads to a stored XSS vulnerability. The issue was confirmed to be present in the source code as o...

CVE-2025-52037

A vulnerability has been found in NotesCMS and classified as medium. Affected by this vulnerability is the page /index.php?route=sites. The manipulation of the title of the service descriptions leads to a stored XSS vulnerability. The issue was confirmed to be present in the source code as of...

CVE-2025-52035

A vulnerability in NotesCMS and specifically in the page /index.php?route=notes. The manipulation of the title of the service descriptions leads to a stored XSS vulnerability. The issue was confirmed to be present in the source code as of commit 7d821a0f028b0778b245b99ab3d3bff1ac10e2d3 dated...

Linux Distros Unpatched Vulnerability : CVE-2019-11548

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9. It has Incorrect Access Control. Unprivileged members of a project are able to...

CVE-2025-52036

NotesCMS contains a stored XSS vulnerability (CWE-79) on the /index.php?route=categories page. The issue arises from manipulation of the service descriptions title in the source code, present as of commit 7d821a0f028b0778b245b99ab3d3bff1ac10e2d3 (2024-05-08) and fixed in commit 95322c5121dbd7070f...

Linux Distros Unpatched Vulnerability : CVE-2019-12445

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab Community and Enterprise Edition 8.4 through 11.11. A malicious user could execute JavaScript code on notes by importing a...

CVE-2025-52035

A vulnerability in NotesCMS and specifically in the page /index.php?route=notes. The manipulation of the title of the service descriptions leads to a stored XSS vulnerability. The issue was confirmed to be present in the source code as of commit 7d821a0f028b0778b245b99ab3d3bff1ac10e2d3 dated...

CVE-2025-52035

NotesCMS contains a stored XSS in the page /index.php?route=notes caused by manipulation of the service description title. The issue is traced to code present as of commit 7d821a0f028b0778b245b99ab3d3bff1ac10e2d3 (2024-05-08) and was fixed in commit 95322c5121dbd7070f3bd54f2848079654a0a8ea (2025-...

PT-2025-34776 · Notescms · Notescms

Name of the Vulnerable Software and Affected Versions: NotesCMS versions prior to commit 95322c5121dbd7070f3bd54f2848079654a0a8ea Description: A vulnerability exists in NotesCMS, specifically within the /index.php?route=notes page. Manipulation of the title of service descriptions leads to a stor...

WordPress GiveWP Plugin < 4.6.0 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:givewp:givewp"; ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2019-12497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through...

CVE-2025-9228

MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users...

docs

It is an of...

CVE-2025-9228

MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users...

CVE-2025-9228 Insufficient authorization when creating notes

MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users...

CVE-2025-9228

MiR software (versions prior to 3.0.0) has insufficient authorization controls when creating text notes, allowing low-privilege users to create notes intended for administrators. Root cause: authorization gap in text-note creation. Impact: potential integrity concerns within text notes; CVSS-A/I ...

CVE-2025-9228 Insufficient authorization when creating notes

MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users...

SUSE-SU-2025:02924-1 Security update for go1.25

go1.25 released 2025-08-12 is a major release of Go. go1.25.x minor releases will be provided through August 2026. https://github.com/golang/go/wiki/Go-Release-Cycle go1.25 arrives six months after Go 1.24. Most of its changes are in the implementation of the toolchain, runtime, and libraries. As...

Linux Distros Unpatched Vulnerability : CVE-2021-21409

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers &...

PT-2025-34027 · Mir · Mir

Name of the Vulnerable Software and Affected Versions: MiR software versions prior to 3.0.0 Description: MiR software versions prior to 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes intended only for administrative users...