EUVD-2026-21579

GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulnerability that allows authenticated users with document upload permissions to trigger arbitrary outbound HTTP requests by providing a malicious URL via the docurl parameter during document upload...

CVE-2026-30247

WeKnora (LLM-powered document framework) prior to version 0.2.12 is vulnerable to SSRF via HTTP redirects during the Import document via URL flow. Backend URL validation blocks private IPs, loopback, reserved hostnames, and cloud metadata, but redirect targets are not validated, enabling bypass t...

EUVD-2020-27954

Malware in sbrugna...

CVE-2022-37774

There is a broken access control vulnerability in the Maarch RM 2.8.3 solution. When accessing some specific document pdf, email from an archive, a preview is proposed by the application. This preview generates a URL including an md5 hash of the file accessed. The document's URL https://url/tmp/M...

Description of the security update for SharePoint Enterprise Server 2016: March 9, 2021 (KB4493232)

Description of the security update for SharePoint Enterprise Server 2016: March 9, 2021 KB4493232 Summary This security update resolves a Microsoft SharePoint Spoofing Vulnerability and SharePoint Server Information Disclosure Vulnerability. To learn more about the vulnerabilities, see the...

Cross-Site Scripting (XSS)

@elastic/app-search-javascript is vulnerable to cross-site scripting XSS. An attacker is able to inject and execute arbitrary Javascript in a user's browser via a document URL in the reference UI...

Alfresco 5.2.4 - Persistent Cross-Site Scripting

Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Date: 2020-03-02 Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link: https://www.alfresco.com/ecm-software Versio...

Alfresco 5.2.4 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link:...

UBUNTU-CVE-2011-1191

Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of DOM URLs...

Solaris Update for in.fingerd 111233-01

Check for the Version of in.fingerd OpenVAS Vulnerability Test Solaris Update for in.fingerd 111233-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...