12939 matches found
UTT HiPER 810G Security Vulnerability
UTT HiPER 810G is a firewall router produced by UTT Corporation. The UTT HiPER 810G v3v1.7.7-171114 version contains a security vulnerability. This vulnerability stems from a buffer overflow in the notes parameter of the formGroupConfig function, which may lead to a denial-of-service attack...
CVE-2026-31060
UTT Aggressive HiPER 810G v3v1.7.7-171114 was discovered to contain a buffer overflow in the notes parameter of the formGroupConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...
CVE-2026-31060
The CVE-2026-31060 entry concerns UTT Aggressive HiPER 810G v3v1.7.7-171114. The root cause is a buffer overflow in the notes parameter of the formGroupConfig function, leading to Denial of Service when a crafted input is supplied. Public exposure details are limited to the affected software vers...
PT-2026-30618
UTT Aggressive HiPER 810G v3v1.7.7-171114 was discovered to contain a buffer overflow in the notes parameter of the formGroupConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...
CVE-2026-5568
A vulnerability has been found in Akaunting up to 3.1.21. This issue affects some unknown processing of the component Invoice/Billing. The manipulation of the argument notes leads to cross site scripting. The attack is possible to be carried out remotely. The exploit has been disclosed to the...
CVE-2026-5568
CVE-2026-5568 affects Akaunting up to version 3.1.21, specifically the Invoice/Billing processing. The vulnerability arises from the manipulation of the argument notes, enabling a remote cross‑site scripting (XSS) attack. The issue is exploitable remotely and the exploit has been publicly disclo...
CVE-2026-5568 Akaunting Invoice/Billing cross site scripting
A vulnerability has been found in Akaunting up to 3.1.21. This issue affects some unknown processing of the component Invoice/Billing. The manipulation of the argument notes leads to cross site scripting. The attack is possible to be carried out remotely. The exploit has been disclosed to the...
CVE-2026-5568 Akaunting Invoice/Billing cross site scripting
A vulnerability has been found in Akaunting up to 3.1.21. This issue affects some unknown processing of the component Invoice/Billing. The manipulation of the argument notes leads to cross site scripting. The attack is possible to be carried out remotely. The exploit has been disclosed to the...
Akaunting Code Injection Vulnerability
Akaunting is an application software provided by Akaunting Corporation that offers all the tools needed for online fund management. Versions of Akaunting 3.1.21 and earlier had a code injection vulnerability, which was caused by incorrect handling of the parameter “notes” in the Invoice/Billing...
PT-2026-30139
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb failure. ieee80211_tx_prepare_skb has three error paths, but only two of them free the skb. The first error path (ieee80211_tx_prepare returning TX_DROP) does not free it,...
Cross-site Scripting (XSS)
Overview: krayin/laravel-crm is a hand-tailored CRM framework built on some of the hottest open-source technologies, such as Laravel (a PHP framework) and Vue.js (a progressive JavaScript framework). Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the composeMail function...
Incorrect Behavior Order
Overview: Affected versions of this package are vulnerable to Incorrect Behavior Order via injection of shell metacharacters into the username parameter. An attacker can execute arbitrary commands by supplying specially crafted input. This is only exploitable if the username is untrusted and the '...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.59 bug fix and security update
Red Hat OpenShift Container Platform release 4.16.59 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...
Webkul Krayin CRM Code Injection Vulnerability
Webkul Krayin CRM is a free and open-source CRM solution for small and medium-sized businesses from the Indian company Webkul. Versions of Webkul Krayin CRM 2.2 and earlier contained a code injection vulnerability. This vulnerability stemmed from an error in the composeMail function of the...
PT-2026-29860
A vulnerability was identified in krayin laravel-crm up to 2.2. Impacted is the function composeMail of the file packages/Webkul/Admin/tests/e2e-pw/tests/mail/inbox.spec.ts of the component Activities Module/Notes Module. The manipulation leads to cross site scripting. Remote exploitation of the...
CVE-2026-34367
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery (SSRF) vulnerability exists in the Invoice PDF generation module. User-supplied HTML in the invoice Notes field i...
CVE-2026-34365
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery (SSRF) vulnerability exists in the Estimate PDF generation module. User-supplied HTML in the estimate Notes field...
CVE-2026-34366
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery (SSRF) vulnerability exists in the Payment receipt PDF generation module. User-supplied HTML in the payment Notes...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Container Release Update
An update is now available for Red Hat Ansible Automation Platform 2.6. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...
Minor update (4) for Vivaldi Desktop Browser 7.9
The following improvements were made since the third 7.9 minor update: AutoHide: Panels appear too early (VB-126507); AutoHide: Search field does not work well with AutoHide (VB-126468); MailCalendar: Success SVG broken (VB-126630); Chromium: Update to 146.0.7680.182: includes a security fix...