44376 matches found
Purchase Order Management v1.0 - Cross Site Scripting (Reflected)
Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the password parameter at /purchaseorder/classes/login.php. id: CVE-2023-29623 info: name: Purchase Order Management v1.0 - Cross Site Scripting Reflected author: theamanrawat severity:...
Apache Tomcat 4.x-7.x - Cross-Site Scripting
Apache Tomcat 4.x through 7.x contains a cross-site scripting vulnerability which an attacker can use to execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. id: CVE-2007-2449 info: name: Apache Tomcat 4.x-7.x - Cross-Site Scripting author:...
Grafana 8.0.0 <= v.8.2.2 - Angularjs Rendering Cross-Site Scripting
Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the...
Calibre <= 7.15.0 - Reflected Cross-Site Scripting (XSS)
It is possible to inject arbitrary JavaScript code into the /browse endpoint of the Calibre content server, allowing an attacker to craft a URL that when clicked by a victim, will execute the attacker’s JavaScript code in the context of the victim’s browser. If the Calibre server is running with...
CVE-2026-45489 Microsoft Edge (Chromium-based) Spoofing Vulnerability
...
EUVD-2026-41597
Insufficient ui warning of dangerous operations in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-58295
CVE-2026-58295 affects Microsoft Edge (Chromium-based). A resource access type confusion allows a network-based attacker to bypass a security feature without user interaction (CVSS v3.1: 8.3). No exploitation details are provided beyond MSRC reference; remediation is to apply the appropriate Edge...
CVE-2026-58293
External control of file name or path in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
CVE-2026-58293 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
...
CVE-2026-58293
CVE-2026-58293 affects Microsoft Edge (Chromium-based). It describes external control of a file name or path that allows an unauthenticated attacker to execute code over the network. The CVSSv3.1 base score is 8.1 (High) with attack vector Network, attack complexity High, privileges required None...
CVE-2026-58292 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
...
EUVD-2026-41586
Access of resource using incompatible type 'type confusion' in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
CVE-2026-58288 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
...
CVE-2026-58285
Access of resource using incompatible type 'type confusion' in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
CVE-2026-58278
Server-side request forgery ssrf in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-58276
Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
EUVD-2026-41579
Improper link resolution before file access 'link following' in Microsoft Edge Chromium-based allows an unauthorized attacker to disclose information over a network...
CVE-2026-57981 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
...
CVE-2026-57977 Microsoft Edge (Chromium-based) Spoofing Vulnerability
...
EUVD-2026-41576
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...