Lucene search
K

93 matches found

NVD
NVD
added 2026/07/07 8:16 a.m.11 views

CVE-2026-7380

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows XSS Targeting HTML Attributes. This issue affects Access Control System GKS: before Version 2...

6.1CVSS0.00149EPSS
Exploits0References1
CVE
CVE
added 2026/07/07 7:25 a.m.14 views

CVE-2026-8377

CVE-2026-8377 affects Armiya Information Technologies Ltd. Co. Access Control System (GKS) prior to version 2. The vulnerability is described as Missing/Improper Authorization allowing data collection from common resource locations. According to the connected records, the issue enables network-ba...

8.2CVSS5.9AI score0.00198EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/07 7:25 a.m.34 views

CVE-2026-8377 Improper Authorization in Armiya Technologies' Access Control System

Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Collect Data from Common Resource Locations. This issue affects Access Control System GKS: before Version 2...

8.2CVSS0.00198EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/07 7:2 a.m.5 views

CVE-2026-8306

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Stored XSS. This issue affects Access Control System GKS: before Version 2...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References2
CVE
CVE
added 2026/07/07 7:2 a.m.14 views

CVE-2026-8306

CVE-2026-8306 describes a Stored XSS in Armiya Information Technologies Ltd. Co. Access Control System (GKS) prior to version 2, caused by improper neutralization of input during web page generation. The vulnerability allows stored cross-site scripting in the GKS web interface. CVSS3.1 base score...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/07 7:2 a.m.32 views

CVE-2026-8306 Stored XSS in Armiya Technologies' Access Control System

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Stored XSS. This issue affects Access Control System GKS: before Version 2...

6.1CVSS0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/07 7:2 a.m.8 views

EUVD-2026-42017

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Stored XSS. This issue affects Access Control System GKS: before Version 2...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
CVE
CVE
added 2026/07/07 6:57 a.m.13 views

CVE-2026-7380

The CVE-2026-7380 entry concerns Armiya Information Technologies Ltd. Co. Access Control System (GKS). It describes an improper neutralization of Script-Related HTML tags in a web page, enabling basic HTML attribute-based XSS. Affected: GKS Access Control System before version 2. The vulnerabilit...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/07 6:57 a.m.8 views

EUVD-2026-42016

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows XSS Targeting HTML Attributes. This issue affects Access Control System GKS: before Version 2...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/07 12:7 p.m.64 views

CVE-2026-8080 MISP core - Stored XSS in MISP template (old engine) element attribute type

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in misp allows Stored XSS. This issue affects MISP before 2.5.37. A stored cross-site scripting vulnerability exists in the template element attribute handling logic. The application accepted...

6.8CVSS0.00139EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.8 views

PT-2026-35275

Name of the Vulnerable Software and Affected Versions LogonTracer versions prior to 2.0.0 Description An OS command injection issue allows a logged-in user to execute arbitrary operating system commands. Recommendations Update to version 2.0.0 or later...

8.8CVSS8.4AI score0.01213EPSS
Exploits0References15
Vulnrichment
Vulnrichment
added 2026/04/23 12:0 a.m.7 views

CVE-2026-39087

ntfy before 2.22.0 allows SSRF because of an unanchored regular expression for web push endpoint URLs...

6.4CVSS5.9AI score0.00272EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/09 12:0 a.m.2 views

CVE-2025-45806

A cross-site scripting XSS vulnerability in rrweb-snapshot before v2.0.0-alpha.18 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6AI score0.00239EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/25 12:27 a.m.7 views

SUSE CVE-2026-27616

Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the application allows users to upload SVG files as task attachments. SVG is an XML-based format that supports JavaScript execution through elements such as tags or event handlers like onload. The application...

7.3CVSS6.1AI score0.00453EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/24 6:31 a.m.7 views

EUVD-2026-14770

Use After Free vulnerability in No-Chicken Echo-Mate.This issue affects Echo-Mate: before V250329...

6.4CVSS5.8AI score0.00118EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/20 12:0 a.m.3 views

CVE-2024-44722

SysAK v2.0 and before is vulnerable to command execution via aaa;cat /etc/passwd...

6AI score0.00505EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/05 6:30 a.m.7 views

EUVD-2025-208303

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Nutrie nutrie allows Upload a Web Shell to a Web Server.This issue affects Nutrie: from n/a through 2.0.1...

9.9CVSS5.9AI score0.00434EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.7 views

The Silver Searcher 代码问题漏洞

The Silver Searcher is a code search tool developed by Geoff Greer personally. Versions of the Silver Searcher prior to 2.2.0 contained code-related vulnerabilities, specifically vulnerabilities related to null pointer dereferencing, which could lead to local crashes...

4.8CVSS5.9AI score0.00153EPSS
Exploits0References6
OSV
OSV
added 2026/02/10 10:15 a.m.7 views

CVE-2026-23720

A vulnerability has been identified in Simcenter Femap All versions V2512, Simcenter Nastran All versions V2512. The affected applications contains an out of bounds read vulnerability while parsing specially crafted NDB files. This could allow an attacker to execute code in the context of the...

7.3CVSS5.9AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2026/02/05 3:20 a.m.5 views

GO-2026-4398 WireGuard Portal v2 has Open Redirect Vulnerability in OAuth Authentication Flow in github.com/h44z/wg-portal

WireGuard Portal v2 has Open Redirect Vulnerability in OAuth Authentication Flow in github.com/h44z/wg-portal. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports fr...

5.4AI score
Exploits0References3
Rows per page
Query Builder