30567 matches found
ROOT-OS-DEBIAN-12-CVE-2022-0563 CVE-2022-0563 in rootio-util-linux - Patched by Root
Root has patched CVE-2022-0563 in the rootio-util-linux package for Root:Debian:12. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-54302 CVE-2026-54302 in @rootio/n8n - Patched by Root
Root has patched CVE-2026-54302 in the @rootio/n8n package for Root:npm. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2024-7531 CVE-2024-7531 in rootio-nss - Patched by Root
Root has patched CVE-2024-7531 in the rootio-nss package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-50219 CVE-2026-50219 in rootio-expat - Patched by Root
Root has patched CVE-2026-50219 in the rootio-expat package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-10966 CVE-2025-10966 in rootio-curl - Patched by Root
Root has patched CVE-2025-10966 in the rootio-curl package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2024-28757 CVE-2024-28757 in rootio-expat - Patched by Root
Root has patched CVE-2024-28757 in the rootio-expat package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-25210 CVE-2026-25210 in rootio-expat - Patched by Root
Root has patched CVE-2026-25210 in the rootio-expat package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-24515 CVE-2026-24515 in rootio-expat - Patched by Root
Root has patched CVE-2026-24515 in the rootio-expat package for Root:Debian:11. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2021-23337 CVE-2021-23337 in @rootio/lodash.template - Patched by Root
Root has patched CVE-2021-23337 in the @rootio/lodash.template package for Root:npm. Multiple fixed versions available...
Jolokia 1.3.7 - Cross-Site Scripting
Jolokia 1.3.7 is vulnerable to cross-site scripting in the HTTP servlet and allows an attacker to execute malicious JavaScript in the victim's browser. id: CVE-2018-1000129 info: name: Jolokia 1.3.7 - Cross-Site Scripting author: mavericknerd,0h1in9e,daffainfo severity: medium description: |...
Nova noVNC - Open Redirect
Nova noVNC contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2021-3654 info: name: Nova noVNC - Open Redirect author: geeknik severity: medium...
H3C SSL VPN <=2022-07-10 - Cross-Site Scripting
H3C SSL VPN 2022-07-10 and prior contains a cookie-based cross-site scripting vulnerability in wnm/login/login.json svpnlang. id: CVE-2022-35416 info: name: H3C SSL VPN =2022-07-10 - Cross-Site Scripting author: 0x240x23elu severity: medium description: | H3C SSL VPN 2022-07-10 and prior contains...
Extreme Management Center 8.4.1.24 - Cross-Site Scripting
Extreme Management Center 8.4.1.24 contains a cross-site scripting vulnerability via a parameter in a GET request. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...
Commvault CommCell - Local File Inclusion
CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13 are vulnerable to local file inclusion because an attacker can view a log file can instead view a file outside of the log-files folder. id: CVE-2020-25780 info: name: Commvault...
Django Debug Page - Cross-Site Scripting
Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5 has HTML autoescaping disabled in a portion of the template for the technical 500 debug page. We detected that right circumstances DEBUG=True are present to allow a cross-site scripting attack. id: CVE-2017-12794 info: name: Django Debug Page -...
OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect
OpenText Documentum Administrator 7.2.0180.0055 is susceptible to multiple open redirect vulnerabilities. An attacker can redirect a user to a malicious site and potentially obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2017-14524 info: name: OpenText...
Eaton Intelligent Power Manager 1.6 - Directory Traversal
Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via directory traversal, which can lead to sensitive information disclosure, denial of service and code execution. id: CVE-2018-12031 info: name: Eaton Intelligent Power Manager 1.6 - Directory Traversal author: daffainfo...
Advantech R-SeeNet 2.4.12 - Cross-Site Scripting
Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the telnetform.php script functionality. id: CVE-2021-21799 info: name: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting author: arafatansari severity: medium description: | Advantech R-SeeNet 2.4.12 contains a...
Post Grid <= 2.2.50 - Information Exposure via REST API
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50. id: CVE-2023-40211 info: name: Post Grid = 2.2.50 - Information Exposure via REST API...
Dolibarr Unauthenticated Contacts Database Theft
An issue in Dolibarr 16 before 16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact file exists. id: CVE-2023-33568 info: name: Dolibarr Unauthenticated Contacts Database Theft...