CVE-2026-26357
Dell Unisphere for PowerMax, version(s) 9.2.4.x, contains an Improper Neutralization of Input During Web Page Generation (XSS) vulnerability. A low-privilege, remote attacker could exploit this to execute malicious HTML/JavaScript in a victim's browser within the context of the vulnerable web ap...
CVE-2026-23861
Dell Unisphere for PowerMax vApp, versions 9.2.4.x, contains an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML o...
EUVD-2023-48734
Malicious code in bioql PyPI...
EUVD-2023-48657
Malicious code in bioql PyPI...
EUVD-2022-36971
Malicious code in bioql PyPI...
EUVD-2024-22270
Malicious code in bioql PyPI...
EUVD-2024-22268
Malicious code in bioql PyPI...
EUVD-2024-22267
Malicious code in bioql PyPI...
CVE-2025-59414 Nuxt Client-Side Path Traversal in Nuxt Island Payload Revival
Nuxt is an open-source web development framework for Vue.js. Prior to 3.19.0 and 4.1.0, a client-side path traversal vulnerability in Nuxt's Island payload revival mechanism allowed attackers to manipulate client-side requests to different endpoints within the same application domain when specifi...
PT-2025-31810 · Dell · Dell Unity
Name of the Vulnerable Software and Affected Versions: Dell Unity versions 5.5 and prior Description: Dell Unity versions 5.5 and prior contain an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. An unauthenticated attacker with remote access could...
CVE-2023-44385
The Home Assistant Companion apps for iOS and macOS, up to version 2023.4, are vulnerable to Client-Side Request Forgery. Attackers may send malicious links/QRs to victims that, when visited, will make the victim call arbitrary services in their Home Assistant installation. Combined with this...
CVE-2015-5298
The Google Login Plugin versions 1.0 and 1.1 allow malicious anonymous users to authenticate successfully against Jenkins instances that are supposed to be locked down to a particular Google Apps domain through client-side request modification...
ChuanhuChatGPT security vulnerability
ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. ChuanhuChatGPT suffers from a security bypass vulnerability that originates when a username is provided via a client-side HTTP request, which...
CVE-2024-39585
Dell SmartFabric OS10 Software, versions 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Client-side request forgery and Information disclosure...
CVE-2024-39585
Dell SmartFabric OS10 exposes a Use of Hard-coded Password vulnerability affecting versions 10.5.5.4–10.5.5.10 and 10.5.6.x. The root cause is a hard-coded password that enables a low-privileged attacker with remote access to trigger client-side request forgery and information disclosure. Remedia...
CVE-2024-6620
Honeywell PC42t, PC42tp, and PC42d Printers, T10.19.020016 to T10.20.060398, contain a cross-site scripting vulnerability. An attacker could potentially inject malicious code which may lead to information disclosure, session theft, or client-side request forgery. Honeywell recommends updating to...
CVE-2024-6620
Honeywell PC42t, PC42tp, and PC42d printers (firmware T10.19.020016–T10.20.060398) are affected by a cross-site scripting vulnerability. The issue could allow an attacker to inject malicious script potentially leading to information disclosure, session theft, or client-side request forgery. Remed...
CVE-2024-24904
Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data...