CVE-2025-66421

Tryton sao aka tryton-sao before 7.6.11 allows XSS because it does not escape completion values. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.69...

DEBIAN-CVE-2025-66421

Tryton sao aka tryton-sao before 7.6.11 allows XSS because it does not escape completion values. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.69...

UBUNTU-CVE-2025-66421

Tryton sao aka tryton-sao before 7.6.11 allows XSS because it does not escape completion values. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.69...

PT-2026-2524

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the tpm2-sessions component where the name size variable lacks range checks. This could allow for out-of-range indexing, potentially leading to memory...

CVE-2025-66421

Tryton sao aka tryton-sao before 7.6.11 allows XSS because it does not escape completion values. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.69...

PT-2025-48378

Tryton sao aka tryton-sao before 7.6.11 allows XSS because it does not escape completion values. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.69...

Tryton sao 跨站脚本漏洞

Tryton sao is a web client for Tryton's open source Universal Application Platform. A cross-site scripting vulnerability exists in Tryton sao versions prior to 7.6.11, which stems from unescaped completion values and could lead to a cross-site scripting attack...

CVE-2025-66421

Tryton sao aka tryton-sao before 7.6.11 allows XSS because it does not escape completion values. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.69...

CVE-2025-66421

Tryton sao aka tryton-sao before 7.6.11 allows XSS because it does not escape completion values. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.69...

CVE-2025-66421

CVE-2025-66421 affects Tryton sao (tryton-sao) prior to 7.6.11, with an XSS vulnerability due to unescaped completion values. Affected versions are before 7.6.11, with fixes in 7.6.11, 7.4.21, 7.0.40, and 6.0.69. Impact is cross-site scripting; exploitation details are not provided in the cited d...

CVE-2025-65500

A flaw was found in libcoap. A remote attacker can cause a denial of service via a NULL pointer dereference due to improper handling of the return values of OpenSSL functions during DTLS Datagram Transport Layer Security operations...

CVE-2025-65496

A flaw was found in libcoap. A remote attacker can cause a denial of service via a NULL pointer dereference due to improper handling of the return values of OpenSSL functions during DTLS Datagram Transport Layer Security operations...

HCL Unica 安全漏洞

HCL Unica is an enterprise-level marketing automation and campaign management platform from HCL India. A security vulnerability exists in HCL Unica version 12.0.0 that stems from vulnerability to CSV formula injection attacks...

CVE-2025-51735

CSV formula injection vulnerability in HCL Technologies Ltd. Unica 12.0.0...

CVE-2025-12972

Fluent Bit outfile plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause...

EUVD-2025-199012

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There are Hard-coded configuration values...

CVE-2025-54341

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There are Hard-coded configuration values...

RHEL 8 : kernel (RHSA-2025:22072)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22072 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: Validate UAC...

RHEL 9 : kernel (RHSA-2025:22066)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22066 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: Validate UAC...

CVE-2025-54341

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There are Hard-coded configuration values...