12 matches found
CVE-2026-60119 Hi.Events < 1.11.0 XSS via Event Title JSON.stringify Injection
Hi.Events before 1.11.0 contains a cross-site scripting vulnerability that allows authenticated attackers with event creation or edit permissions to inject arbitrary HTML and JavaScript by embedding a malicious event title containing the sequence, which is not escaped by JSON.stringify when...
kernel: wifi: brcmfmac: validate bsscfg indices in IF events
A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...
EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2026-1123)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : cifs: Fix UAF in cifsdemultiplexthreadCVE-2023-52572 net: fix data-races around sk-skforwardallocCVE-2024-53124 quota: flush...
EUVD-2009-0032
Malware in sbrugna...
EUVD-2019-15353
Malware in sbrugna...
EUVD-2022-45044
Malicious code in bioql PyPI...
CVE-2006-5039
Unspecified vulnerability in Events 1.3 beta module comevents for Joomla! has unspecified impact and attack vectors...
CVE-2025-32594 WordPress Simple WP Events plugin <= 1.8.17 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in WPMinds Simple WP Events allows Retrieve Embedded Sensitive Data. This issue affects Simple WP Events: from n/a through 1.8.17...
PT-2025-16385
Name of the Vulnerable Software and Affected Versions Argo Events versions prior to 1.9.6 Description Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create or modify EventSource and Sensor custom resources can gain privileged access to the...
CVE-2025-32509 WordPress Simple WP Events plugin <= 1.8.17 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WPMinds Simple WP Events simple-wp-events allows Path Traversal.This issue affects Simple WP Events: from n/a through = 1.8.17...
CVE-2024-56311
REDCap through 14.9.6 has a security flaw in the Notes section of calendar events, exposing users to a Cross-Site Request Forgery CSRF attack. An attacker can exploit this by luring users into accessing a calendar event's notes, which triggers a logout request and terminates their session. This...
SUSE-SU-2024:1400-1 Security update for the Linux Kernel (Live Patch 47 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122173 fixes several issues. The following security issues were fixed: - CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component bsc1216644. - CVE-2024-1086: Fixed a use-after-free vulnerability inside the nftables...