11 matches found
GHSA-3PP7-M8F5-89GX vulnerabilities
Vulnerabilities for packages: firefox-esr, firefox...
CVE-2022-50588
Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting XSS in the update checking feature. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2022-50586 Nagios XI < 5.8.9 Stored XSS via BPI Info URL
Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting XSS in the BPI component via the info URL field. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2022-50588 Nagios XI < 5.8.9 Stored XSS in Update Checking
Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting XSS in the update checking feature. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2022-50585 Nagios XI < 5.8.9 Core Config Manager (CCM) XSS via Audit Log Page Search Input
The Core Config Manager CCM in Nagios XI versions prior to CCM 3.1.7 / Nagios XI 5.8.9 contains a cross-site scripting XSS vulnerability via the Audit Log page search input. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 5.8.9 that stems from insufficient validati...
PT-2025-33517 · WordPress · The Poll Maker – Versus Polls
Name of the Vulnerable Software and Affected Versions: Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress versions up to and including 5.8.9 Description: The WordPress plugin is susceptible to Basic Information Exposure via the ays finish poll API endpoint. This allows...
SUSE CVE-2020-26147
An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames...
The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices which could be leveraged by local attackers to map or unmap rbd block devices aka CID-f44d04e696fe.
...
March 5, 2019, update for Access 2010 (KB4018363)
March 5, 2019, update for Access 2010 KB4018363 This article describes update 4018363 for Microsoft Access 2010 that was released on March 5, 2019.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2010. It doesn't apply to th...
CVE-2025-58908
...