Lucene search
K

325 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-13976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in Storage in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentiall...

5.8CVSS6.2AI score0.0018EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-52938

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix NULL pointer dereference in bpfskstorageclone and diag paths bpfselemunlinknofail sets SDATAselem-smap to NULL before removing the selem from the stora...

5.5CVSS6AI score0.001EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.13 views

SolidInvoice 跨站脚本漏洞

SolidInvoice is an open-source invoice processing application developed by SolidInvoice. Versions of SolidInvoice prior to 2.3.17 contained a cross-site scripting vulnerability. This vulnerability stemmed from the company logo upload feature not verifying file types. As a result, authenticated...

8.1CVSS4.9AI score0.0031EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

QloApps 跨站脚本漏洞

QloApps is an open-source hotel management and reservation system developed by QloApps. Versions of QloApps 1.7.0 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site scripting vulnerability in the administrator’s file manager. It...

4.8CVSS5.3AI score0.0023EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 12:0 a.m.43 views

CVE-2025-67448

The SMS module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to stored XSS. The application does not properly sanitize user input in SMS messages before storing and displaying them. An attacker can send an SMS containing a malicious XSS payload, which will be executed in the...

7.1CVSS0.00196EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

HAX 安全漏洞

HAX is an open-source microsite managed using HAX+CMS with a PHP backend. Versions of HAX 26.0.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the /system/api/saveNode endpoint, which had a storage-oriented cross-site scripting vulnerability. Users with edit...

8.7CVSS5.7AI score0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.14 views

LinkAce 跨站脚本漏洞

LinkAce is a self-hosted repository developed by Kevin Woblick, designed to collect links to your favorite websites. Versions of LinkAce prior to 2.5.6 had a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site scripting flaw. Low-privilege users could se...

8.5CVSS5.7AI score0.00306EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

WordPress plugin Events In City 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. In...

6.4CVSS5.7AI score0.00235EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/22 2:17 p.m.11 views

EUVD-2021-8780

Dell VxRail versions before 7.0.200 contain a Plain-text Password Storage Vulnerability in VxRail Manager. A sys-admin user may exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable...

6.7CVSS5.7AI score0.00117EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.18 views

PT-2026-42758

Name of the Vulnerable Software and Affected Versions Dell PowerFlex Manager versions prior to 4.6.3 Description An insecure storage of sensitive information allows an unauthenticated attacker with local access to potentially gain unauthorized access to sensitive data. Recommendations Update to a...

5.5CVSS5.8AI score0.00103EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...

6.5CVSS6.7AI score0.00743EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Storage in Google Chrome before version 141.0.7390.65 allowed a remote attacker to execute arbitrary code through a crafted video file. Chromium security severity: High...

8.8CVSS8.3AI score0.00314EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 105.0.5195.125, writing out of bounds in Storage using Google Chrome allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01002EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

Nozomi Networks Guardian和Nozomi Networks CMC 跨站脚本漏洞

Nozomi Networks Guardian and Nozomi Networks CMC are both products of the American company Nozomi Networks. Nozomi Networks Guardian is an IoT device and software inspection system. Nozomi Networks CMC is an application software that provides centralized OT and IoT security management. Both Nozom...

5.9CVSS5.7AI score0.00194EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2026/05/18 12:0 a.m.6 views

The vulnerability of the software for storing and analyzing distributed tracebacks of Grafana Tempo, related to the storage of information in an open manner, allows a perpetrator to gain unauthorized access to the protected information.

The vulnerability of the software for storing and analyzing distributed tracebacks of Grafana Tempo involves the storage of information in an open manner. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

7.8CVSS5.8AI score0.00155EPSS
Exploits0References4Affected Software3
RedHat Linux
RedHat Linux
added 2026/05/14 7:50 p.m.16 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS6AI score0.04938EPSS
Exploits1References26
GithubExploit
GithubExploit
added 2026/05/13 3:25 p.m.109 views

Stored-XSS-Vulnerability-Lab-Detection-Mitigation-

Stored Cross-Site Scripting XSS Vulnerability Report Exe...

6AI score
Exploits0
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

WeGIA 跨站脚本漏洞

WeGIA is a web manager for welfare institutions developed by Nilson Lazarin. Versions of WeGIA prior to 3.7.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the Description field in the funcionario/profilefuncionario.php endpoint not being cleaned properly, which...

6.4CVSS5.6AI score0.00281EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/04 7:16 p.m.9 views

Incus Vulnerable to Panic via Snapshot Bounds Check

Summary Missing validation logic in the storage volume import logic allows an authenticated user with access to Incus' storage volume feature to cause the Incus daemon to crash. Repeated use of this issue can be used to keep Incus offline causing a denial of service. Details The backup restore...

7.1CVSS5.8AI score0.00408EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.15 views

Notesnook 跨站脚本漏洞

Notesnook is an end-to-end encrypted note application developed by Streetwriters. Versions of Notesnook for Web/Desktop prior to 3.3.15, as well as versions for iOS/Android prior to 3.3.20, had a cross-site scripting vulnerability. This vulnerability stemmed from the lack of HTML escaping for...

9.6CVSS6AI score0.00477EPSS
Exploits0References1
Rows per page
Query Builder