5229 matches found
CVE-2025-27260
CVE-2025-27260 affects Ericsson Indoor Connect 8855 (versions before 2025.Q3). It covers an Improper Filtering of Special Elements vulnerability that can lead to unauthorized modification of certain information. CVSSv4 base score 7.2 (HIGH): Attack vector NETWORK, complexity LOW, privileges REQUI...
CVE-2025-27260
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability which, if exploited, can lead to unauthorized modification of certain information...
CVE-2025-27260 Ericsson Indoor Connect 8855 - Improper Filtering of Special Elements Vulnerability
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability which, if exploited, can lead to unauthorized modification of certain information...
CVE-2025-27260 Ericsson Indoor Connect 8855 - Improper Filtering of Special Elements Vulnerability
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability which, if exploited, can lead to unauthorized modification of certain information...
SUSE CVE-2026-31807
SiYuan is a personal knowledge management system. Prior to 3.5.10, SiYuan's SVG sanitizer SanitizeSVG blocks dangerous elements , , and removes on event handlers and javascript: in href attributes. However, it does NOT block SVG animation elements , which can dynamically set attributes to dangero...
PT-2026-27847
Name of the Vulnerable Software and Affected Versions Softwebmedia Gyan Elements versions n/a through 2.2.1 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, potentially leading to reflected cross-site scripting XSS. This allows an...
WordPress plugin ChatBot SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-27763
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability which, if exploited, can lead to unauthorized modification of certain information...
WordPress plugin Gyan Elements 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Ericsson Indoor Connect 安全漏洞
Ericsson Indoor Connect is a small indoor base station developed by the Swedish company Ericsson. Versions of Ericsson Indoor Connect prior to 8855 2025.Q3 contained security vulnerabilities. These vulnerabilities were due to improper handling of special elements, which could allow unauthorized...
WordPress Gyan Elements plugin <= 2.2.1 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Gyan Elements versions = 2.2.1...
SUSE CVE-2026-23278
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. If...
DEBIAN-CVE-2026-33144
GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gfxmlparsebitsequencebs function in utils/xmlbincustom.c when processing a crafted NHML file containing malicious...
CVE-2026-33144
GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gfxmlparsebitsequencebs function in utils/xmlbincustom.c when processing a crafted NHML file containing malicious...
UBUNTU-CVE-2026-33144
GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gfxmlparsebitsequencebs function in utils/xmlbincustom.c when processing a crafted NHML file containing malicious...
CVE-2026-33144 GPAC MP4Box Heap Buffer Overflow Write in gf_xml_parse_bit_sequence_bs (NHML BS Parsing)
GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gfxmlparsebitsequencebs function in utils/xmlbincustom.c when processing a crafted NHML file containing malicious...
CVE-2026-23278
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftables component. This vulnerability occurs during transaction processing when the system incorrectly handles multiple pending catchall elements, particularly when the associated map is being removed. This can...
EUVD-2026-13614
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. If...
CVE-2026-23278
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. If...
UBUNTU-CVE-2026-23278
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. If...