122 matches found
PT-2026-45381
Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions prior to 5.19.7 Apache ActiveMQ versions 6.0.0 through 6.2.5 Description Incorrect default permissions in Jolokia authorization settings allow authenticated low-privilege web-login accounts to access operations intende...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled When QoS is disabled, the queue priority value will not map to the correct ieee80211 queue since there is only one queue. Stop/wake queue 0 when QoS is disabl...
CVE-2020-37240
Queue Management System 4.0.0 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through user creation fields. Attackers can insert JavaScript payloads in the First Name, Last Name, and Email fields during user creation, which...
CVE-2020-37240 Queue Management System 4.0.0 Stored XSS via Add User
Queue Management System 4.0.0 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through user creation fields. Attackers can insert JavaScript payloads in the First Name, Last Name, and Email fields during user creation, which...
CVE-2020-37240 Queue Management System 4.0.0 Stored XSS via Add User
Queue Management System 4.0.0 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through user creation fields. Attackers can insert JavaScript payloads in the First Name, Last Name, and Email fields during user creation, which...
EUVD-2020-31243
Queue Management System 4.0.0 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through user creation fields. Attackers can insert JavaScript payloads in the First Name, Last Name, and Email fields during user creation, which...
CVE-2020-37240
CVE-2020-37240 affects Queue Management System 4.0.0 with a stored XSS flaw in the Add User workflow. Authenticated administrators can inject JavaScript via First Name, Last Name, or Email during user creation, with payloads executing on the User List page. CVSS-4.0 vector yields 5.1 (MEDIUM), an...
CVE-2020-37240
Queue Management System 4.0.0 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through user creation fields. Attackers can insert JavaScript payloads in the First Name, Last Name, and Email fields during user creation, which...
CodeKernel Token - Queue Management System 跨站脚本漏洞
CodeKernel Token - Queue Management System is a Laravel-based queueing and customer waiting list management system developed by CodeKernel. Version 4.0.0 of CodeKernel Token - Queue Management System contains a cross-site scripting vulnerability. This vulnerability stems from storage-type...
PT-2026-41440
Queue Management System 4.0.0 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through user creation fields. Attackers can insert JavaScript payloads in the First Name, Last Name, and Email fields during user creation, which...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: block: don't allow the same type rqqos add more than once In our test of iocost, we encountered some list add/del corruptions of innerwalk list in ioctimerfn. The reason can be described as follows: cpu 0 cpu 1 iocqoswrite...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013504)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013504 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfqexiticqbfqq Commit 64dc8c732f5c block, bfq: fix possible uaf f...
CVE-2026-4617
A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is the function ValidateToken of the file /php/apipatientcheckin.php of the component Patient Check-In Module. Executing a manipulation can lead to improper authorization. It i...
CVE-2026-23340
A flaw was found in the Linux kernel. A race condition exists in the network queue management qdisc component when the number of transmit queues is dynamically reduced while network traffic is active. This can lead to a Use-After-Free UAF vulnerability, where memory is prematurely freed while sti...
CVE-2026-23340
In the Linux kernel, the following vulnerability has been resolved: net: sched: avoid qdiscresetalltxgt vs dequeue race for lockless qdiscs When shrinking the number of real tx queues, netifsetrealnumtxqueues calls qdiscresetalltxgt to flush qdiscs for queues which will no longer be used...
CVE-2026-4617
A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is the function ValidateToken of the file /php/apipatientcheckin.php of the component Patient Check-In Module. Executing a manipulation can lead to improper authorization. It i...
CVE-2026-4617
A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is the function ValidateToken of the file /php/apipatientcheckin.php of the component Patient Check-In Module. Executing a manipulation can lead to improper authorization. It i...
CVE-2026-4617
The CVE-2026-4617 entry concerns SourceCodester Patients Waiting Area Queue Management System 1.0. The vulnerability affects the Patient Check-In Module, specifically the ValidateToken function in /php/api_patient_checkin.php. A manipulated token can cause improper authorization, and exploitation...
PT-2026-27284
Name of the Vulnerable Software and Affected Versions SourceCodester Patients Waiting Area Queue Management System version 1.0 Description A flaw exists in the Patient Check-In Module of the software, specifically within the ValidateToken function located in the /php/api patient checkin.php file...
EUVD-2026-10326
A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. This issue affects some unknown processing of the file /patient-search.php. The manipulation results in improper authorization. The attack can be launched remotely. The exploit is now public and may ...