Lucene search
K

378 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/22 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-33550

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SOGo before 5.12.5 does not renew the OTP if a user disables/enables it, and has a too short length only 12 digits instead of the 20 recommended. CVE-2026-33550...

2.6CVSS6AI score0.00135EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/25 4:7 a.m.8 views

CVE-2026-3054

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

6.1CVSS3.8AI score0.00398EPSS
Exploits0References1
NVD
NVD
added 2026/02/24 3:16 a.m.9 views

CVE-2026-3054

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

6.1CVSS0.00398EPSS
Exploits0References3
OSV
OSV
added 2026/02/24 3:16 a.m.5 views

DEBIAN-CVE-2026-3054

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

6.1CVSS3.6AI score0.00398EPSS
Exploits0References1
OSV
OSV
added 2026/02/24 3:16 a.m.6 views

CVE-2026-3054

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

6.1CVSS4.3AI score
Exploits0References3
OSV
OSV
added 2026/02/24 3:16 a.m.3 views

UBUNTU-CVE-2026-3054

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

6.1CVSS4.2AI score0.00398EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/24 2:2 a.m.22 views

CVE-2026-3054 Alinto SOGo cross site scripting

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

5.3CVSS0.00398EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/24 2:2 a.m.5 views

CVE-2026-3054 Alinto SOGo cross site scripting

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

5.3CVSS3.8AI score0.00398EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/24 2:2 a.m.5 views

CVE-2026-3054

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

5.3CVSS3.8AI score0.00398EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/02/24 2:2 a.m.7 views

EUVD-2026-7411

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

5.3CVSS3.5AI score0.00398EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/02/24 2:2 a.m.11 views

CVE-2026-3054

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

6.1CVSS3.6AI score0.00398EPSS
Exploits0
CVE
CVE
added 2026/02/24 2:2 a.m.30 views

CVE-2026-3054

The CVE affects Alinto SOGo 5.12.3/5.12.4 . The vulnerability is in an unknown function where manipulating the argument hint leads to cross-site scripting (XSS) . It is described as injectable remotely with an exploit publicly available . The vendor was contacted but did not respond. The document...

6.1CVSS3.8AI score0.00398EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.13 views

PT-2026-21653

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

5.3CVSS3.7AI score0.00398EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-3054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site...

6.1CVSS4.3AI score0.00398EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.9 views

Alinto SOGo 代码注入漏洞

Alinto SOGo is an open-source collaboration office software developed by Alinto. Versions 5.12.3 and 5.12.4 of Alinto SOGo contain a code injection vulnerability. This vulnerability stems from incorrect handling of parameter hints, which may lead to cross-site scripting attacks...

6.1CVSS5.7AI score0.00398EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/24 12:0 a.m.4 views

CVE-2026-3054

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

6.1CVSS5.1AI score0.00398EPSS
Exploits0References4
Debian
Debian
added 2026/01/10 12:46 p.m.21 views

[SECURITY] [DLA 4434-1] sogo security update

Debian LTS Advisory DLA-4434-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost January 06, 2026 https://wiki.debian.org/LTS Package : sogo Version : 5.0.1-4+deb11u3 CVE ID : CVE-2024-34462 CVE-2025-63499 Debian Bug : 1071163 1121952 Several XSS vulnerabiltiies have...

6.1CVSS6.3AI score0.00345EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/01/10 12:0 a.m.2 views

Debian dla-4434 : sogo - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4434 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4434-1 [email protected]...

6.1CVSS6.1AI score0.00345EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2026/01/06 12:0 a.m.4 views

Debian: Security Advisory (DLA-4434-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.8AI score0.00345EPSS
Exploits2References2
OSV
OSV
added 2026/01/06 12:0 a.m.1 views

DLA-4434-1 sogo - security update

Bulletin has no description...

6.1CVSS6.9AI score0.00345EPSS
Exploits2
Rows per page
Query Builder