GHSA-43RR-X62X-Q96W MineAdmin improperly refreshes tokens

A weakness has been identified in MineAdmin 1.x/2.x. This impacts the function refresh of the file /system/refresh of the component JWT Token Handler. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The attack is considered ...

MineAdmin improperly refreshes tokens

A weakness has been identified in MineAdmin 1.x/2.x. This impacts the function refresh of the file /system/refresh of the component JWT Token Handler. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The attack is considered ...

Insufficient Verification of Data Authenticity

Overview mineadmin/mineadmin is a Quickly build a background management system for web applications Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity via the refresh function of the /system/refresh in the JWT Token Handler component. An attacker ca...

CVE-2026-1195

A weakness has been identified in MineAdmin 1.x/2.x. This impacts the function refresh of the file /system/refresh of the component JWT Token Handler. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The attack is considered ...

CVE-2026-1195

A weakness has been identified in MineAdmin 1.x/2.x. This impacts the function refresh of the file /system/refresh of the component JWT Token Handler. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The attack is considered ...

CVE-2026-1195 MineAdmin JWT Token refresh data authenticity

A weakness has been identified in MineAdmin 1.x/2.x. This impacts the function refresh of the file /system/refresh of the component JWT Token Handler. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The attack is considered ...

CVE-2026-1195 MineAdmin JWT Token refresh data authenticity

A weakness has been identified in MineAdmin 1.x/2.x. This impacts the function refresh of the file /system/refresh of the component JWT Token Handler. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The attack is considered ...

CVE-2026-1195

Summary: CVE-2026-1195 affects MineAdmin 1.x/2.x, specifically the JWT Token Handler’s /system/refresh function. The issue is insufficient verification of data authenticity, enabling a remote attack with high complexity; exploitation has been publicly disclosed. Multiple sources consistently desc...

CVE-2026-1195

A weakness has been identified in MineAdmin 1.x/2.x. This impacts the function refresh of the file /system/refresh of the component JWT Token Handler. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The attack is considered ...

PT-2026-3519

Name of the Vulnerable Software and Affected Versions MineAdmin versions 1.x and 2.x Description A weakness exists due to insufficient verification of data authenticity within the JWT Token Handler component. This issue affects the refresh function of the /system/refresh file. The attack can be...

MiracleLinux 8 : postgresql:13 (AXSA:2024-7568:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7568:01 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block...

MiracleLinux 8 : postgresql:15 (AXSA:2024-7569:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7569:01 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block...

MiracleLinux 8 : postgresql:10 (AXSA:2024-7566:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7566:01 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block...

MiracleLinux 9 : postgresql-13.14-1.el9_3 (AXSA:2024-7559:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7559:01 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block...

MiracleLinux 8 : postgresql:12 (AXSA:2024-7567:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7567:01 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block...

MiracleLinux 3 : quagga-0.98.6-5.2.0.1.AXS3 (AXSA:2010-471:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-471:02 advisory. Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi- thread approach to resolve the current...

GHSA-3FM2-XFQ7-7778 HAXcms Has Stored XSS Vulnerability that May Lead to Account Takeover

Summary Stored XSS Leading to Account Takeover Details The Exploit Chain: 1.Upload: The attacker uploads an .html file containing a JavaScript payload. 2.Execution: A logged-in administrator is tricked into visiting the URL of this uploaded file. 3.Token Refresh: The JavaScript payload makes a...

Astra Linux – Vulnerability in Zabbix

A regular Zabbix user without access to the Monitoring - Problems view can still call the problem.view.refresh action, and thus still retrieve a list of active problems...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly refreshing routes when using incorrect routes and next-hop objects, which could lead to a...

MiracleLinux 9 : kernel-5.14.0-570.35.1.el9_6 (AXSA:2025-10804:61)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10804:61 advisory. kernel: bpf, testrun: Fix use-after-free issue in ethskbpkttype CVE-2025-21867 microcodectl: From CVEorg collector CVE-2024-28956 kernel: mm/hugetl...