8007 matches found
CVE-2026-30351
A path traversal vulnerability in the UI/static component of leonvanzyl autocoder commit 79d02a allows attackers to read arbitrary files via sending crafted URL path containing traversal sequences...
PaperCut MF < 25.0.10 XSS (CVE-2026-4794)
The version of PaperCut MF installed on the remote Windows host is prior to 25.0.10. It is, therefore, affected by a vulnerability: - Multiple cross-site scripting XSS vulnerabilities allow authenticated administrator users to inject arbitrary web script or HTML code via different UI fields. This...
Foxit PDF Reader < 2026.1.1 Multiple Vulnerabilities
According to its version, the Foxit PDF Reader application previously named Foxit Reader installed on the remote Windows host is prior to 2026.1.1. It is, therefore affected by multiple vulnerabilities: - Document structural anomalies caused inconsistencies between page element relationships and...
Foxit PDF Editor < 14.0.4 / 2026.1.1 Multiple Vulnerabilities
According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 2026.1.1/14.0.4. It is, therefore affected by multiple vulnerabilities: - Document structural anomalies caused inconsistencies between page element...
Foxit PDF Editor < 13.2.4 Multiple Vulnerabilities
According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 13.2.4. It is, therefore affected by multiple vulnerabilities: - Document structural anomalies caused inconsistencies between page element relationships an...
CVE-2026-41520 vulnerabilities
Vulnerabilities for packages: hubble-ui, kubescape-operator, kubescape...
BIT-GITLAB-2026-3254 Improper Restriction of Rendered UI Layers or Frames in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user to load unauthorized content into another user's browser due to improper input validation in the Mermaid sandbox...
Apache Airflow 安全漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. Prior to Apache Airflow 3.2.1, there were security...
EUVD-2026-25166
Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Prior to version 2026.416.0, an unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip instance running in authenticated mode with default configuration...
EUVD-2026-25134
IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2026-4919
IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
IBM Guardium Data Protection 跨站脚本漏洞
IBM Guardium Data Protection is a data security and activity monitoring platform for database auditing, vulnerability assessment and compliance management. A cross-site scripting vulnerability exists in IBM Guardium Data Protection. The vulnerability stems from the failure of the Web UI to proper...
KLA91004 Multiple vulnerabilities in Microsoft Dynamics
Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Power Apps...
CVE-2026-4918
Technical details for CVE-2026-4918 are not publicly available in the provided documents. No affected products, vectors, or fixes are specified. Monitor for updates as more information may be released.
CVE-2026-4918 IBM Guardium Data Protection is affected by multiple vulnerabilities
IBM Guardium Data Protection 12.1 is vulnerable to stored cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2026-4918 IBM Guardium Data Protection is affected by multiple vulnerabilities
IBM Guardium Data Protection 12.1 is vulnerable to stored cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2026-4918
IBM Guardium Data Protection 12.1 is vulnerable to stored cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2026-4919 IBM Guardium Data Protection is affected by multiple vulnerabilities
IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2026-4919
IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2026-4919
Technical details for CVE-2026-4919 are not publicly available in the provided documents. Monitor for updates.