9 matches found
CVE-2026-30224
Technical details for CVE-2026-30224 are not available in the provided documents; no affected product/version or remediation specifics are included beyond the initial description. Monitor for updates from official advisories.
Linux Distros Unpatched Vulnerability : CVE-2025-46336
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, a...
SUSE CVE-2025-46336
Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie (already a major issue), the session may be restored if the attacker can trigger a lo...
Cross site scripting
The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Prior to version 1.2.0, a cross-site scripting vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Use...
CVE-2023-37570 Insufficient Session Expiration Vulnerability in Emagic Data Center Management Suite
This vulnerability exists in ESDS Emagic Data Center Management Suite due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
Cross-site Scripting (XSS) - Stored in pimcore/web2print-tools
Description: Stored XSS in the Description of the Favorite Output Channel Configurations. Steps to reproduce: 1. Go to https://demo.pimcore.fun/admin/ and log in. 2. In the left menu bar, click the Settings icon then choose Favorite Output Channel Configurations, the Favorite Output Channel...
Cross-site Scripting (XSS) - Stored in snipe/snipe-it
Description: Cross site scripting vulnerability in checkout page in notes field. Proof of Concept: 1. Log in to the demo page. 2. Go to accessories, select any product and add payload in the checkout notes. 3. Click save and open the product; XSS will trigger. payload = " Impact: This vulnerability is...
Cross-site Scripting (XSS) - Reflected in collectiveaccess/providence
Description: Reflected XSS in form Search. After report https://huntr.dev/bounties/b76d075f-f6b2-40f0-b08e-a56e934d7c60/ I have retested the vulnerability and my payload is able to bypass your filter mechanism. The input tag of the search form was escaped by my payload. Steps to Reproduce: Login to...
DMA Softlab Radius Manager Authorization Issue Vulnerability
DMA Softlab Radius Manager is an application from DMA Softlab Inc. An easy-to-use management system for Mikrotik, Cisco, StarOS, Chillispot, DD-WRT, pfSense NAS devices and DOCSIS CMTS. An unauthorized access vulnerability exists in DMA Softlab Radius Manager version 4.4.0 that stems from a cooki...