6 matches found
Cross-site Scripting (XSS)
Overview netbox-data-flows is a NetBox plugin to document data flows between systems and applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the ObjectAlias.name field rendered in DataFlow tables. An attacker can execute arbitrary JavaScript in the brows...
UBUNTU-CVE-2026-34000
A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...
MAL-2025-9120 Malicious code in @npmshivamkalsi/aliquam-necessitatibus-voluptates-alias (npm)
The package @npmshivamkalsi/aliquam-necessitatibus-voluptates-alias was found to contain malicious code...
TP-Link Cloud Cameras NCXXX Bonjour Command Injection
TP-Link cloud cameras NCXXX series NC200, NC210, NC220, NC230, NC250, NC260, NC450 are vulnerable to an authenticated command injection. In all devices except NC210, despite a check on the name length in swSystemSetProductAliasCheck, no other checks are in place in order to prevent shell...
Design/Logic Flaw
The mailbox-restore feature in IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 6.1 before 6.1.3.6, 6.3 before 6.3.1.3, 6.4 before 6.4.1.4, and 7.1 before 7.1.0.2; Tivoli Storage FlashCopy Manager: FlashCopy Manager for Microsoft Exchange Server 2.1, 2.2, 3.1...
CVE-2015-4950
The mailbox-restore feature in IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 6.1 before 6.1.3.6, 6.3 before 6.3.1.3, 6.4 before 6.4.1.4, and 7.1 before 7.1.0.2; Tivoli Storage FlashCopy Manager: FlashCopy Manager for Microsoft Exchange Server 2.1, 2.2, 3.1...