CVE-2026-41046

A path traversal attack when using a "configName" parameter in qSnapper before version 1.3.3 allowed a local attacker to use malicious config files for snapper and so cause a denial of service or potentially escalate privileges to root...

EUVD-2026-38263

A path traversal attack when using a "configName" parameter in qSnapper before version 1.3.3 allowed a local attacker to use malicious config files for snapper and so cause a denial of service or potentially escalate privileges to root...

CVE-2026-41046

The CVE-2026-41046 issue affects qSnapper prior to v1.3.3, where a path traversal via the configName parameter allows a local attacker to misuse config files for snapper, potentially causing denial of service or root privilege escalation. A fix is available in v1.3.3; upgrade to that version or a...

EUVD-2025-5935

Malicious code in bioql PyPI...

TRENDnet TEW-929DRU /cbi_addcert.htm page cross-site scripting vulnerability

The TRENDnet TEW-929DRU is a wireless router from TRENDnet. The TRENDnet TEW-929DRU suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the configname parameter of the /cbiaddcert.htm page, which can be exploited ...

CVE-2025-25430

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting XSS vulnerability via the configname parameter on the /cbiaddcert.htm page...

CVE-2025-25430

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting XSS vulnerability via the configname parameter on the /cbiaddcert.htm page...

CVE-2025-25430

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting XSS vulnerability via the configname parameter on the /cbiaddcert.htm page...

CVE-2025-25430

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting XSS vulnerability via the configname parameter on the /cbiaddcert.htm page...

CVE-2025-25430

CVE-2025-25430 affects the Trendnet TEW-929DRU router (firmware 1.0.0.10). The vulnerability is a stored cross-site scripting (XSS) in the /cbi_addcert.htm page, exploitable via the configname parameter. The provided sources describe the issue and confirm the affected URL/parameter, but do not in...

CVE-2025-25430

Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting XSS vulnerability via the configname parameter on the /cbiaddcert.htm page...

Trendnet TEW-929DRU 安全漏洞

The TRENDnet TEW-929DRU is a wireless router from TRENDnet. The TRENDnet TEW-929DRU suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the configname parameter of the /cbiaddcert.htm page, which can be exploited ...

Emissary Information Disclosure Vulnerability

Emissary is a software application. A P2P-based data-driven workflow engine that runs across heterogeneous and potentially widely distributed multi-tier P2P network computing resources. An information disclosure vulnerability exists in Emissary version 5.9.0, which can be exploited by an attacker...

CVE-2021-32093

The ConfigFileAction component of U.S. National Security Agency NSA Emissary 5.9.0 allows an authenticated user to read arbitrary files via the ConfigName parameter...

Emissary 安全漏洞

Emissary is a software application. A P2P-based data-driven workflow engine that runs across heterogeneous and potentially widely distributed multi-tier P2P network computing resources. An information disclosure vulnerability exists in Emissary version 5.9.0, which can be exploited by an attacker...