2313 matches found
Astra Linux - уязвимость в postgresql-11
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct dollar quoting, '', or "". If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with...
Astra Linux - уязвимость в twitter-bootstrap3
Improper neutralization of input during web page generation XSS or “cross-site scripting” vulnerability in Bootstrap allows cross-site scripting. This issue affects Bootstrap: from version 3.4.1 to 4.0.0...
CVE-2026-7508
A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulation of the argument body results in code injection. Remote exploitation of the attack is possible...
CVE-2026-7508
Bootstrap CMS 0.9.0-alpha is affected by a code-injection vulnerability in the Page Creation Handler, specifically via the file resources/views/pages/show.blade.php where manipulating the body argument triggers injection. Remote exploitation is possible and an exploit has been published. The proj...
EUVD-2026-26456
A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulation of the argument body results in code injection. Remote exploitation of the attack is possible...
CVE-2026-7508 Bootstrap CMS Page Creation show.blade.php code injection
A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulation of the argument body results in code injection. Remote exploitation of the attack is possible...
CVE-2026-7508
A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulation of the argument body results in code injection. Remote exploitation of the attack is possible...
CVE-2026-7508 Bootstrap CMS Page Creation show.blade.php code injection
A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulation of the argument body results in code injection. Remote exploitation of the attack is possible...
Bootstrap CMS 注入漏洞
Bootstrap CMS is an open-source content management system based on PHP. The Bootstrap CMS 0.9.0-alpha version has a vulnerability due to an unknown function in the Page Creation Handler component file resources/views/pages/show.blade.php, which allows for code injection when manipulating the body...
PT-2026-36212
Name of the Vulnerable Software and Affected Versions Bootstrap CMS version 0.9.0-alpha Description An issue exists in the Page Creation Handler component within the file resources/views/pages/show.blade.php. Manipulation of the body argument allows for remote code injection, which is the executi...
CVE-2026-41386
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing. Attackers can exploit this during first-use device pairing to escalate privileges beyond their intended role and scope...
EUVD-2026-26096
OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit approved exec requests to redirect package resolution or runtime...
CVE-2026-41386 OpenClaw < 2026.3.22 - Privilege Escalation via Unbound Bootstrap Setup Codes
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing. Attackers can exploit this during first-use device pairing to escalate privileges beyond their intended role and scope...
CVE-2026-41386 OpenClaw < 2026.3.22 - Privilege Escalation via Unbound Bootstrap Setup Codes
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing. Attackers can exploit this during first-use device pairing to escalate privileges beyond their intended role and scope...
CVE-2026-41386
OpenClaw is affected by a privilege-escalation vulnerability in bootstrap pairing where unbound bootstrap setup codes can be misassociated with device roles/scopes. Affected software: openclaw (npm). Vulnerable versions are
EUVD-2026-26095
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing. Attackers can exploit this during first-use device pairing to escalate privileges beyond their intended role and scope...
GHSA-58QW-9MGM-455V vulnerabilities
Vulnerabilities for packages: nemo, azureml-inference-server-http-fips, pypy-3.10, tensorflow-cpu-jupyter, py3-pip-wheel-bootstrap, pypy-3.11, tensorflow-gpu-jupyter, py3-pip, azureml-inference-server-http, ansible-operator, py3-hashin, azure-functions-host, datadog-agent-fips, localstack,...
CVE-2026-3219 vulnerabilities
Vulnerabilities for packages: nemo, azureml-inference-server-http-fips, pypy-3.10, tensorflow-cpu-jupyter, py3-pip-wheel-bootstrap, pypy-3.11, tensorflow-gpu-jupyter, py3-pip, azureml-inference-server-http, ansible-operator, py3-hashin, azure-functions-host, datadog-agent-fips, localstack,...
CVE-2026-3219 vulnerabilities
Vulnerabilities for packages: tensorflow-cpu-jupyter, py3-pip-wheel-bootstrap, pypy-3.11, kubeflow-katib, datadog-agent, py3-pip, pypy-3.10...
GHSA-58QW-9MGM-455V vulnerabilities
Vulnerabilities for packages: tensorflow-cpu-jupyter, py3-pip-wheel-bootstrap, pypy-3.11, kubeflow-katib, datadog-agent, py3-pip, pypy-3.10...