1000 matches found
EUVD-2026-43541
Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Glarysoft Glary Utilities. An attacker must first obtain the ability to execute low-privileged code on the target system...
CVE-2026-15684
Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Glarysoft Glary Utilities. An attacker must first obtain the ability to execute low-privileged code on the target system...
CVE-2026-15684
CVE-2026-15684 affects Glarysoft Glary Utilities. The flaw resides in the Disk Clean functionality, where an attacker who can run low-privileged code can abuse a folder junction to delete arbitrary files, enabling a local privilege escalation to SYSTEM and potential arbitrary code execution. The ...
CVE-2026-15684 Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability
Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Glarysoft Glary Utilities. An attacker must first obtain the ability to execute low-privileged code on the target system...
EUVD-2026-43090
vulnerability in Drupal Clean RESTful allows . This issue affects Clean RESTful versions:...
EUVD-2026-43048
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Anti-Spam by CleanTalk allows Reflected XSS. This issue affects Anti-Spam by CleanTalk versions: from 0.0.0 to 9.7.1...
CVE-2026-15087
vulnerability in Drupal Clean RESTful allows . This issue affects Clean RESTful versions:...
CVE-2026-10770
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Anti-Spam by CleanTalk allows Reflected XSS. This issue affects Anti-Spam by CleanTalk versions: from 0.0.0 to 9.7.1...
CVE-2026-15087
CVE-2026-15087 concerns Drupal Clean RESTful. Connected PT-2026-56667 confirms affected versions are Drupal Clean RESTful versions *, i.e., all versions, but details on the exact vulnerability, root cause, exploitability, or fixes are not provided in the connected documents. The related Drupal SA...
CVE-2026-15087 Clean RESTful - Critical - Unsupported - SA-CONTRIB-2026-078
vulnerability in Drupal Clean RESTful allows . This issue affects Clean RESTful versions:...
PT-2026-57873
Name of the Vulnerable Software and Affected Versions Glarysoft Glary Utilities affected versions not specified Description A local privilege escalation flaw exists in the Disk Clean functionality. An attacker with low-privileged code execution capabilities on the target system can create a...
CVE-2026-58469
GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the cleanmetalinkstring function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cau...
CVE-2026-58469
GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the cleanmetalinkstring function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cau...
OPENSUSE-SU-2026:11191-1 python313-lxml_html_clean-0.4.5-1.1 on GA media
These are all security issues fixed in the python313-lxmlhtmlclean-0.4.5-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-58263 Jodit Editor: Mutation XSS in jodit clean-html via a MathML/style rawtext carrier
Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. In versions prior to 4.12.28, the built-in clean-html sanitizer can be bypassed by a MathML/ carrier that hides a dangerous element from the sanitizer's element walk, so a no-interaction event...
CVE-2026-58263
CVE-2026-58263 affects Jodit Editor prior to 4.12.28. The built‑in clean-html sanitizer can be bypassed via a MathML/ carrier, allowing a no‑interaction event handler (e.g., onload) to survive in the editor value. When attacker‑supplied HTML is rendered (element.innerHTML = editor.value), the han...
[SECURITY] Fedora 43 Update: vmod-querystring-2.0.3-11.fc43
The purpose of this module is to give you a fine-grained control over a URL's query-string in Varnish Cache. It's possible to remove the query-string, clean it, sort its parameters or filter it to only keep a subset of them. This can greatly improve your hit ratio and efficiency with Varnish,...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: btrfssetheadergeneration must not be moved to after cleantreeblock, because cleantreeblock calls btrfsheadergeneration from commit 55c69072d6bd5be1 “Btrfs: Fix extentbuffer usage when nodesize != leafsize”. In...
PT-2026-50725
Name of the Vulnerable Software and Affected Versions Kirby versions prior to 4.9.4 Kirby versions prior to 5.4.4 Description Kirby sites with the content.fileRedirects option enabled allow unauthenticated users to access clean file URLs for files stored in top-level draft pages. The system...
EUVD-2026-37629
Unauthenticated Insecure Direct Object References IDOR in Clean Login = 1.15 versions...