129 matches found
TileServer API - Cross Site Scripting
tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting XSS vulnerability via the component /data/v3/?key. id: CVE-2024-35627 info: name: TileServer API - Cross Site Scripting author: DhiyaneshDK severity: medium description: | tileserver-gl up to v4.4.10 was discovered to...
MapTiler Tileserver-php v2.0 - Unauthenticated File Read
MapTiler Tileserver-php v2.0 contains a directory traversal caused by improper sanitization of GET parameters in renderTile function, letting attackers read arbitrary files on the server, exploit requires crafted web requests id: CVE-2025-44137 info: name: MapTiler Tileserver-php v2.0 -...
TileServer GL <=3.0.0 - Cross-Site Scripting
TileServer GL through 3.0.0 is vulnerable to reflected cross-site scripting via server.js because the content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page. id: CVE-2020-15500 info: name: TileServer GL =3.0.0 - Cross-Site Scripting author:...
MapTiler Tileserver-php v2.0 - Unauthenticated XSS
MapTiler Tileserver-php v2.0 contains a reflected XSS caused by unencoded reflection of the GET parameter "layer" in an error message, letting unauthenticated attackers execute arbitrary script on victim browsers. id: CVE-2025-44136 info: name: MapTiler Tileserver-php v2.0 - Unauthenticated XSS...
GHSA-Q8MJ-M7CP-5Q26 vulnerabilities
Vulnerabilities for packages: py3-jupyterlab, argo-workflows, opensearch-dashboards, renovate, code-server, kubeflow-pipelines, saf, kubeflow-centraldashboard, tileserver-gl, thingsboard, sqlpad, json-server, langfuse, prism...
CVE-2026-8723 vulnerabilities
Vulnerabilities for packages: py3-jupyterlab, argo-workflows, opensearch-dashboards, renovate, code-server, kubeflow-pipelines, saf, kubeflow-centraldashboard, tileserver-gl, thingsboard, sqlpad, json-server, langfuse, prism...
GHSA-Q8MJ-M7CP-5Q26 vulnerabilities
Vulnerabilities for packages: argo-workflows, gitlab-rails-ce, arangodb, renovate, pelias-api, kubeflow-pipelines, gitlab-rails-ce-fips, wazuh-dashboard-fips, code-server, opensearch-dashboards-fips, langfuse, prism, tileserver-gl-fips, langfuse-fips, kubescape-grype-offline-db, tileserver-gl,...
CVE-2026-8723 vulnerabilities
Vulnerabilities for packages: argo-workflows, gitlab-rails-ce, arangodb, renovate, pelias-api, kubeflow-pipelines, gitlab-rails-ce-fips, wazuh-dashboard-fips, code-server, opensearch-dashboards-fips, langfuse, prism, tileserver-gl-fips, langfuse-fips, kubescape-grype-offline-db, tileserver-gl,...
CVE-2026-5758 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, wazuh-dashboard-fips, opensearch-dashboards-fips, tileserver-gl-fips, wazuh-dashboard, tileserver-gl...
GHSA-J452-XHG8-QG39 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, wazuh-dashboard-fips, opensearch-dashboards-fips, tileserver-gl-fips, wazuh-dashboard, tileserver-gl...
CVE-2026-5758 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, tileserver-gl...
GHSA-J452-XHG8-QG39 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, tileserver-gl...
GHSA-QJ8W-GFJ5-8C6V vulnerabilities
Vulnerabilities for packages: tileserver-gl, sqlpad, argo-workflows...
CVE-2026-34043 vulnerabilities
Vulnerabilities for packages: tileserver-gl, sqlpad, argo-workflows...
GHSA-QJ8W-GFJ5-8C6V vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, argo-workflows, wazuh-dashboard-fips, gitlab-rails-ce, sqlpad, opensearch-dashboards-fips, drupal, librechat, tileserver-gl-fips, wazuh-dashboard, tileserver-gl, gitlab-rails-ce-fips...
CVE-2026-34043 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, argo-workflows, wazuh-dashboard-fips, gitlab-rails-ce, sqlpad, opensearch-dashboards-fips, drupal, librechat, tileserver-gl-fips, wazuh-dashboard, tileserver-gl, gitlab-rails-ce-fips...
GHSA-442J-39WM-28R2 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, ts-patch, wazuh-dashboard-fips, gitlab-rails-ce, opensearch-dashboards-fips, nextcloud-server, lerna, prism, rancher-api-ui, tileserver-gl-fips, wazuh-dashboard, pelias-api, py3-jupyterlab, gitlab-rails-ce-fips, kibana...
CVE-2026-33939 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, ts-patch, wazuh-dashboard-fips, gitlab-rails-ce, opensearch-dashboards-fips, nextcloud-server, lerna, prism, rancher-api-ui, tileserver-gl-fips, wazuh-dashboard, pelias-api, py3-jupyterlab, gitlab-rails-ce-fips, kibana...
CVE-2026-33938 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, ts-patch, wazuh-dashboard-fips, gitlab-rails-ce, opensearch-dashboards-fips, nextcloud-server, lerna, prism, rancher-api-ui, tileserver-gl-fips, wazuh-dashboard, pelias-api, py3-jupyterlab, gitlab-rails-ce-fips, kibana...
GHSA-XJPJ-3MR7-GCPF vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, ts-patch, wazuh-dashboard-fips, gitlab-rails-ce, opensearch-dashboards-fips, nextcloud-server, lerna, prism, rancher-api-ui, tileserver-gl-fips, wazuh-dashboard, pelias-api, py3-jupyterlab, gitlab-rails-ce-fips, kibana...