955 matches found
SUSE: Security Advisory (SUSE-SU-2026:20976-1)
The remote host is missing an update for the...
CVE-2026-5370
A vulnerability was identified in krayin laravel-crm up to 2.2. Impacted is the function composeMail of the file packages/Webkul/Admin/tests/e2e-pw/tests/mail/inbox.spec.ts of the component Activities Module/Notes Module. The manipulation leads to cross site scripting. Remote exploitation of the...
EUVD-2026-18484
A vulnerability was identified in krayin laravel-crm up to 2.2. Impacted is the function composeMail of the file packages/Webkul/Admin/tests/e2e-pw/tests/mail/inbox.spec.ts of the component Activities Module/Notes Module. The manipulation leads to cross site scripting. Remote exploitation of the...
Cross-site Scripting (XSS)
Overview: krayin/laravel-crm is a hand-tailored CRM framework built on some of the hottest open-source technologies, such as Laravel (a PHP framework) and Vue.js (a progressive JavaScript framework). Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the composeMail function...
CVE-2026-5370
A vulnerability was identified in krayin laravel-crm up to 2.2. Impacted is the function composeMail of the file packages/Webkul/Admin/tests/e2e-pw/tests/mail/inbox.spec.ts of the component Activities Module/Notes Module. The manipulation leads to cross site scripting. Remote exploitation of the...
CVE-2026-5370 krayin laravel-crm Activities Module/Notes inbox.spec.ts composeMail cross site scripting
A vulnerability was identified in krayin laravel-crm up to 2.2. Impacted is the function composeMail of the file packages/Webkul/Admin/tests/e2e-pw/tests/mail/inbox.spec.ts of the component Activities Module/Notes Module. The manipulation leads to cross site scripting. Remote exploitation of the...
CVE-2026-5370
The vulnerability CVE-2026-5370 affects krayin laravel-crm up to 2.2. The issue is in the Activities Module/Notes Module, specifically the function composeMail in the file path shown, where manipulation leads to cross-site scripting. Remote exploitation is possible and the exploit is publicly av...
Webkul Krayin CRM Code Injection Vulnerability
Webkul Krayin CRM is a free and open-source CRM solution for small and medium-sized businesses from the Indian company Webkul. Versions of Webkul Krayin CRM 2.2 and earlier contained a code injection vulnerability. This vulnerability stemmed from an error in the composeMail function of the...
SUSE CVE-2026-33532
yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...
SUSE-SU-2026:20949-1 Security update for docker-compose
This update for docker-compose fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253584). - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validat...
SUSE-SU-2026:20976-1 Security update for docker-compose
This update for docker-compose fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253584). - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validat...
GHSA-4C29-8RGM-JVJJ vulnerabilities
Vulnerabilities for packages: trivy, kubescape, docker-compose, guac, podman, docker-cli-buildx, kaniko, zot, scorecard, osv-scanner, conftest, trivy-operator, buildah, skaffold...
GHSA-4VRQ-3VRQ-G6GG vulnerabilities
Vulnerabilities for packages: trivy, kubescape, docker-compose, guac, podman, docker-cli-buildx, kaniko, zot, scorecard, osv-scanner, conftest, trivy-operator, buildah, skaffold...
CVE-2026-33747 vulnerabilities
Vulnerabilities for packages: trivy, kubescape, docker-compose, guac, podman, docker-cli-buildx, kaniko, zot, scorecard, osv-scanner, conftest, trivy-operator, buildah, skaffold...
CVE-2026-33748 vulnerabilities
Vulnerabilities for packages: trivy, kubescape, docker-compose, guac, podman, docker-cli-buildx, kaniko, zot, scorecard, osv-scanner, conftest, trivy-operator, buildah, skaffold...
GHSA-4VRQ-3VRQ-G6GG vulnerabilities
Vulnerabilities for packages: conftest-fips, kubescape-server-fips, buildah, docker-cli-buildx-fips, docker-compose, osv-scanner, trivy, cloudbeat, docker-cli-buildx, trivy-operator, zot, kaniko, kaniko-fips, livekit-cli, skaffold-fips, podman, kubescape, docker-compose-fips, podman-fips,...
GHSA-4C29-8RGM-JVJJ vulnerabilities
Vulnerabilities for packages: conftest-fips, kubescape-server-fips, buildah, docker-cli-buildx-fips, docker-compose, osv-scanner, trivy, cloudbeat, docker-cli-buildx, trivy-operator, zot, kaniko, kaniko-fips, livekit-cli, skaffold-fips, podman, kubescape, docker-compose-fips, podman-fips,...
CVE-2026-33748 vulnerabilities
Vulnerabilities for packages: conftest-fips, kubescape-server-fips, buildah, docker-cli-buildx-fips, docker-compose, osv-scanner, trivy, cloudbeat, docker-cli-buildx, trivy-operator, zot, kaniko, kaniko-fips, livekit-cli, skaffold-fips, podman, kubescape, docker-compose-fips, podman-fips,...
CVE-2026-33747 vulnerabilities
Vulnerabilities for packages: conftest-fips, kubescape-server-fips, buildah, docker-cli-buildx-fips, docker-compose, osv-scanner, trivy, cloudbeat, docker-cli-buildx, trivy-operator, zot, kaniko, kaniko-fips, livekit-cli, skaffold-fips, podman, kubescape, docker-compose-fips, podman-fips,...
DEBIAN-CVE-2026-33532
yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...