1389 matches found
CVE-2025-40703 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
PT-2025-35208
Name of the Vulnerable Software and Affected Versions: OpenAtlas version 8.9.0 Description: A Cross-Site Scripting XSS issue exists due to inadequate validation of user input when a POST request is sent. This could allow a remote user to send specially crafted queries to an authenticated user and...
Linux Distros Unpatched Vulnerability : CVE-2020-9274
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the lookupaliasconst...
Linux Distros Unpatched Vulnerability : CVE-2023-51791
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxlparser.c in genaliasmap...
Broken Authentication
github.com/hashicorp/vault is vulnerable to Broken Authentication. The vulnerability is due to improper MFA enforcement when usernameasalias is set to true and a user has multiple CNs with leading or trailing spaces, which allows attackers to bypass MFA authentication...
CVE-2025-9234
A vulnerability was detected in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file maintenanceevents.shtm. The manipulation of the argument Alias results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used...
OESA-2025-2071 microcode_ctl security update
Security Fixes: Improper buffer restrictions for some IntelR XeonR Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.CVE-2025-20053 Improper Isolation or Compartmentalization in the stream cache mechanism for some IntelR...
CVE-2025-9234
A vulnerability was detected in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file maintenanceevents.shtm. The manipulation of the argument Alias results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used...
CVE-2025-9234
A vulnerability was detected in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file maintenanceevents.shtm. The manipulation of the argument Alias results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used...
CVE-2025-9234 Scada-LTS maintenance_events.shtm cross site scripting
A vulnerability was detected in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file maintenanceevents.shtm. The manipulation of the argument Alias results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used...
Scada-LTS 安全漏洞
Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A security vulnerability exists in Scada-LTS version 2.7.8.1 and earlier, which stems from an incorrect manipulation of the parameter Alias in the file maintenanceevents.shtm, resulting in a cross-site...
PT-2025-34136 · Scada-Lts · Scada-Lts
Name of the Vulnerable Software and Affected Versions: Scada-LTS versions prior to 2.7.8.2 Description: A vulnerability exists in Scada-LTS that allows for cross-site scripting XSS. The issue is related to the manipulation of the Alias argument within an unknown function of the maintenance...
Scada-LTS 代码注入漏洞
Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A code injection vulnerability exists in Scada-LTS version 2.7.8.1, which stems from improper manipulation of the alias parameter in the scheduledevents.shtm file, which could lead to a cross-site scriptin...
2025.3 IPU, Intel® Xeon® Processor Firmware Advisory
Summary: Potential security vulnerabilities in the Intel® Xeon® Processors may allow escalation of privilege or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-20053 Description: Improper buffer restriction...
Malicious code in test-mlw2-coomb-worse-level-alias (npm)
The package test-mlw2-coomb-worse-level-alias was found to contain malicious code...
Malicious code in @crabas0npm/vitae-alias-laudantium (npm)
The package @crabas0npm/vitae-alias-laudantium was found to contain malicious code...
MAL-2025-7156 Malicious code in @crabas0npm/alias-culpa-veritatis (npm)
The package @crabas0npm/alias-culpa-veritatis was found to contain malicious code...
MAL-2025-9451 Malicious code in @taktikangea/nesciunt-est-ex-alias (npm)
The package @taktikangea/nesciunt-est-ex-alias was found to contain malicious code...
MAL-2025-7146 Malicious code in @crabas0npm/accusamus-eaque-alias-ipsa (npm)
The package @crabas0npm/accusamus-eaque-alias-ipsa was found to contain malicious code...
MAL-2025-7157 Malicious code in @crabas0npm/alias-ex-excepturi-illum (npm)
The package @crabas0npm/alias-ex-excepturi-illum was found to contain malicious code...