25957 matches found
CVE-2026-10173 Orthanc Explorer 2 URL StudyList.vue cross site scripting
A weakness has been identified in Orthanc Explorer 2 up to 1.12.0. The impacted element is an unknown function of the file WebApplication/src/components/StudyList.vue of the component URL Handler. This manipulation of the argument remote-source causes cross site scripting. It is possible to...
PT-2026-45177
A weakness has been identified in Orthanc Explorer 2 up to 1.12.0. The impacted element is an unknown function of the file WebApplication/src/components/StudyList.vue of the component URL Handler. This manipulation of the argument remote-source causes cross site scripting. It is possible to...
Orthanc Explorer 2 代码注入漏洞
Orthanc Explorer 2 is a user interface plugin for the Orthanc Server’s open-source medical imaging management system. Versions of Orthanc Explorer 2 prior to 1.12.0 contained a code injection vulnerability. This vulnerability stemmed from the param operation in the File...
Hitachi Energy ITT600 Explorer
SUMMARY Hitachi Energy is aware of vulnerabilities that affect ITT600 Explorer product versions listed in this document. These vulnerabilities can be exploited to carry out Denial of Service DoS attack on the product. The vulnerabilities only affect Hitachi Energy Integrated Testing Tool ITT600...
CVE-2018-25344
10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering a structured exception handler overwrite. Attackers can craft a malicious registration key string...
CVE-2018-25344
10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering a structured exception handler overwrite. Attackers can craft a malicious registration key string...
CVE-2018-25344 10-Strike Network Inventory Explorer 8.54 Buffer Overflow SEH
10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering a structured exception handler overwrite. Attackers can craft a malicious registration key string...
CVE-2018-25344 10-Strike Network Inventory Explorer 8.54 Buffer Overflow SEH
10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering a structured exception handler overwrite. Attackers can craft a malicious registration key string...
10-Strike Network Inventory Explorer 安全漏洞
10-Strike Network Inventory Explorer is a scanning software developed by 10-Strike Corporation. It is used to track hardware and software on network computers. Version 8.54 of 10-Strike Network Inventory Explorer contains a security vulnerability. This vulnerability stems from a stack-based buffe...
EUVD-2026-31386
A cross-site scripting XSS vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to...
CVE-2026-9264
CVE-2026-9264 affects SketchUp 2026 where the Dynamic Components feature fails to sanitize inputs in the component options window. The root cause is improper input sanitization, allowing a crafted SKP to run arbitrary system commands and read local files via an embedded Internet Explorer 11 brows...
PT-2026-42704
A cross-site scripting XSS vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to...
Trimble SketchUp 安全漏洞
Trimble SketchUp is a 3D modeling software developed by Trimble in the United States. It is designed for architects, urban planning experts, producers, game developers, and professionals in related fields. Trimble SketchUp has a security vulnerability that stems from improper handling of dynamic...
Microsoft’s Retired IE Tool MSHTA Now Being Used in Fileless Malware Attacks
Despite Internet Explorer’s retirement, hackers are abusing the legacy MSHTA utility in stealthy fileless malware attacks targeting Windows users...
Microsoft Internet Explorer Use-After-Free Vulnerability
Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object. The impacted product could be end-of-life EoL and/or end-of-service EoS. Users shoul...
Microsoft Internet Explorer Use-After-Free Vulnerability
Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacted product could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product...
CVE-2026-42316
kafka-sink-azure-kusto Kafka Connect plugin is the official Microsoft sink for Azure Data Explorer Kusto. Prior to 5.2.3, kafka-sink-azure-kusto did not sanitize user-controlled values inside the kusto.tables.topics.mapping configuration. The db, table, mapping, and format fields of each mapping...
CVE-2026-42316 KQL injection via kusto.tables.topics.mapping in kafka-sink-azure-kusto
kafka-sink-azure-kusto Kafka Connect plugin is the official Microsoft sink for Azure Data Explorer Kusto. Prior to 5.2.3, kafka-sink-azure-kusto did not sanitize user-controlled values inside the kusto.tables.topics.mapping configuration. The db, table, mapping, and format fields of each mapping...
CVE-2026-42316 KQL injection via kusto.tables.topics.mapping in kafka-sink-azure-kusto
kafka-sink-azure-kusto Kafka Connect plugin is the official Microsoft sink for Azure Data Explorer Kusto. Prior to 5.2.3, kafka-sink-azure-kusto did not sanitize user-controlled values inside the kusto.tables.topics.mapping configuration. The db, table, mapping, and format fields of each mapping...
EUVD-2026-29124
kafka-sink-azure-kusto Kafka Connect plugin is the official Microsoft sink for Azure Data Explorer Kusto. Prior to 5.2.3, kafka-sink-azure-kusto did not sanitize user-controlled values inside the kusto.tables.topics.mapping configuration. The db, table, mapping, and format fields of each mapping...