8556 matches found
Pulse Secure Pulse Connect Secure - Cross-Site Scripting (Reflected)
Pulse Secure Pulse Connect Secure PCS 8.3.x before 8.3R7.1 and 9.0.x before 9.0R3 contain a reflected cross-site scripting caused by insufficient sanitization on the Application Launcher page, letting attackers execute scripts in the context of the affected page, exploit requires victim to visit ...
MaNGOSWebV4 < 4.0.8 - Cross-Site Scripting
paintballrefjosh/MaNGOSWebV4 4.0.8 contains a reflected XSS caused by unsanitized input in install/index.php step parameter, letting attackers execute arbitrary scripts in the victim's browser, exploit requires victim to visit a maliciously crafted URL id: CVE-2017-6478 info: name: MaNGOSWebV4...
NocoBase - SQL Injection
NocoBase @nocobase/plugin-collection-sql versions prior to 2.0.39 are vulnerable to SQL injection via the sqlCollection:update endpoint. The checkSQL function, which blocks dangerous SQL keywords and ensures only SELECT statements are allowed, is not called during collection updates. id:...
UBUNTU-CVE-2026-61863
ImageMagick before 7.1.2-26 and 6.x before 6.9.13-51 contains a memo...
EUVD-2026-44796
CVE-2026-33443 is a memory management error in Secure Access servers prior to 14.55. Attackers with an intimate knowledge of and total control over the tunnel protocol can create a persistent DoS against the server...
MantisBT: SOAP API Authentication Bypass with Privilege Escalation to Administrator
MantisBT 2.28.3 and earlier contains a critical authentication bypass in the SOAP API's mcichecklogin function. Any user knowing any valid cookiestring can authenticate as any other user knowing their username, including the administrator, without knowing the target's password. The vulnerability ...
EUVD-2026-44620
ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the TIFF encoder when an invalid tiff:tile-geometry is specified. Supplying malformed tile geometry parameters causes allocated memory not to be released, which can lead to increased memory consumption...
CVE-2026-61864 ImageMagick before 7.1.2-26 Memory Leak in Log Colorspace
ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in color transformation to the log colorspace: when the operation fails, a small amount of memory is not released...
PT-2026-60234
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.4.1 Splunk Enterprise versions prior to 10.2.5 Splunk Enterprise versions prior to 10.0.8 Splunk Enterprise versions prior to 9.4.13 Splunk Enterprise versions prior to 9.3.14 Splunk Cloud Platform versio...
CVE-2026-45305
Summary of CVE-2026-45305 (Symfony YAML Parser ReDoS) Symfony’s YAML handling (Symfony\Component\Yaml\Parser::cleanup) can hang parsing crafted input due to the use of overlapping quantifiers in regular expressions for YAML directive, comment, and document marker cleanup. This is a client-side pa...
Adobe Media Encoder < 25.6.6 / 26.0.0 < 26.3.0 Multiple Vulnerabilities (APSB26-72) (macOS)
The version of Adobe Media Encoder installed on the remote macOS host is prior to 25.6.6, 26.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-72 advisory. - Media Encoder is affected by an out-of-bounds write vulnerability that could result in arbitrary code...
Adobe Media Encoder < 25.6.6 / 26.0.0 < 26.3.0 Multiple Vulnerabilities (APSB26-72)
The version of Adobe Media Encoder installed on the remote Windows host is prior to 25.6.6, 26.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-72 advisory. - Media Encoder is affected by an out-of-bounds write vulnerability that could result in arbitrary co...
Adobe Audition < 25.6.6 / 26.0 < 26.3 Multiple Vulnerabilities (APSB26-71) (macOS)
The version of Adobe Audition installed on the remote macOS host is prior to 25.6.6, 26.3. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-71 advisory. - Audition is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution i...
CVE-2026-48364
CVE-2026-48364 affects ColdFusion versions 2025.9, 2023.20 and earlier. It is an Uncontrolled Search Path Element vulnerability that could enable arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file); the impact is ...
CVE-2026-55773 CedarJava has a policy injection vulnerability
CedarJava is an open source Java implementation of the Cedar policy language, used for fine-grained authorization decisions. In versions prior to 2.3.6, 3.4.1 and 4.9.0, under certain circumstances, improper input handling could allow Cedar-expression injection via unescaped toCedarExpr. The...
CVE-2026-57408
CVE-2026-57408 affects the WordPress Peach Payments Gateway plugin wc-peach-payments-gateway
CVE-2026-57219
RabbitMQ suffers an unauthenticated disclosure vulnerability in the management API: the obsolete GET /api/auth endpoint can reveal the OAuth 2 client secret on installations configured with management.oauth_client_secret prior to versions 3.13.15, 4.0.20, 4.1.11, and 4.2.6. The issue arises when ...
CVE-2026-59792
CVE-2026-59792 affects JetBrains IntelliJ IDEA prior to 2026.1.4, with a path-traversal weakness in project workspace ID handling that could enable code execution. The connected sources corroborate a 2026.2-era code execution claim tied to this path traversal issue. The available documents do not...
Coder < 2.29.7 / 2.30.x < 2.30.2 Workspace Auto-Creation Without Consent (CVE-2026-44454)
The version of Coder installed on the remote host is prior to 2.29.7 or 2.30.x prior to 2.30.2. It is, therefore, affected by a command injection vulnerability. The dotfiles registry module passed unsanitized user input to shell commands, enabling arbitrary code execution inside provisioned...
CVE-2026-58143
Cotonti Siena 0.9.26 and earlier contains a cross-site request forgery vulnerability that allows unauthenticated attackers to modify administrator configuration by tricking a logged-in administrator into submitting a forged POST request to the admin.php config update handler, which never invokes...