4 matches found
PT-2026-34940
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the KVM x86 component. This occurs when the emulator initiates a write using an on-stack local variable as the source, the write splits a page boundary,...
PT-2026-5242
Name of the Vulnerable Software and Affected Versions Drupal Canvas versions prior to 1.0.4 Description The Drupal Canvas module has an authorization issue that allows forceful browsing of Canvas Pages when they are unpublished. The module does not adequately validate access to Canvas Pages,...
CVE-2025-9981
QuickCMS is vulnerable to multiple Stored XSS in slider editor functionality sliders-form. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed on every page. By default admin user is not able to add JavaScript into the website. T...
UBUNTU-CVE-2017-5378
Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird 45.7, Firefox ESR 45....