Lucene search
K

8 matches found

CVE
CVE
added 2026/06/02 11:2 p.m.23 views

CVE-2026-40108

CVE-2026-40108 - GLPI Stored XSS in ITIL costs : Affects GLPI versions 11.0.0 through 11.0.6 where a technician can store an XSS payload in ITIL costs. The issue has been fixed in version 11.0.7. CVSS 4.0 base score is 7.1 (HIGH) with user interaction required and HIGH impact on confidentiality, ...

7.1CVSS5.7AI score0.00268EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 6:32 p.m.12 views

EUVD-2026-34006

An unauthenticated user with write access to the knowledge base can store an XSS payload in a knowledge base item. This issue affects glpi: before 11.0.7...

8.4CVSS5.8AI score0.00418EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

GLPI 跨站脚本漏洞

GLPI is an open-source IT and asset management software developed by GLPI. This software provides a comprehensive IT resource management interface, allowing you to create databases for managing various IT assets such as computers, monitors, servers, printers, network devices, telephones, and even...

8.4CVSS4.9AI score0.00418EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/19 12:16 a.m.9 views

CVE-2026-32312

GLPI is a free asset and IT management software package. In versions 11.0.0 through 11.0.6, an authenticated user with forms READ permission can export the structure of unauthorized forms. This issue has been fixed in version 11.0.7...

5.1CVSS5.7AI score0.00217EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/28 12:0 a.m.5 views

Amazon Linux 2023 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2023-2025-1252)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1252 advisory. Vulnerability in the Java SE product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Difficult to exploit vulnerability allows unauthenticated...

4.3CVSS6.2AI score0.03377EPSS
Exploits0References4
Circl
Circl
added 2022/04/23 12:28 a.m.4 views

CVE-2022-1107

creationtimestamp| type| source ---|---|--- 2022-04-23 00:28:19+00:00| seen| https://t.me/cibsecurity/41354...

7.2CVSS6.4AI score0.00253EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/07/16 10:13 a.m.6 views

OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to...

4.3CVSS6.7AI score0.03284EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2020/07/14 12:0 a.m.18 views

PT-2020-3575

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 11.0.7 and 14.0.1 Description The issue is related to insufficient input validation in the Hotspot component of Oracle Java SE. It allows an unauthenticated attacker with network access via multiple protocols to...

7.4CVSS6.8AI score0.03864EPSS
Exploits0References195
Rows per page
Query Builder