3068 matches found
CVE-2026-12986
A critical vulnerability in Admin GUI in Payara Server Full 4.x, 5.x, 6.x, 7.x, 7.2026.x, 6.2025.x, 6.2024.x on All platforms that allows the attacker to leak the admin gfresttoken to an attacker-controlled host that can result in a full unauthenticated takeover of Payara admin domain. A...
CVE-2026-12986
Technical details are not publicly available in the provided documents. Monitor for updates.
EUVD-2026-38793
A critical vulnerability in Admin GUI in Payara Server Full 4.x, 5.x, 6.x, 7.x, 7.2026.x, 6.2025.x, 6.2024.x on All platforms that allows the attacker to leak the admin gfresttoken to an attacker-controlled host that can result in a full unauthenticated takeover of Payara admin domain. A...
CVE-2026-12986
A critical vulnerability in Admin GUI in Payara Server Full 4.x, 5.x, 6.x, 7.x, 7.2026.x, 6.2025.x, 6.2024.x on All platforms that allows the attacker to leak the admin gfresttoken to an attacker-controlled host that can result in a full unauthenticated takeover of Payara admin domain. A...
CVE-2026-34417
OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious content through the project request parameter in oscal-forms.php. The parameter value is URL-decoded and assigned to...
Android Wireless ADB Wireless Port Checker Flipper Zero GUI Application
This program is a Flipper Zero application that checks whether the Android Debug Bridge ADB wireless debugging port 5555 is open on a specified IP address. It integrates with the Flipper GUI system to display results directly on the device screen...
CVE-2026-34417
OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious content through the project request parameter in oscal-forms.php. The parameter value is URL-decoded and assigned to...
CVE-2026-34416
OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious input through the project request parameter. Attackers can craft a malicious URL containing unsanitized input that...
CVE-2026-34417 OSCAL-GUI Reflected XSS via project parameter in oscal-forms.php
OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious content through the project request parameter in oscal-forms.php. The parameter value is URL-decoded and assigned to...
CVE-2026-34417
OSCAL-GUI contains a reflected XSS vulnerability in oscal-forms.php. An unauthenticated attacker can inject content via the project_request parameter, which is URL-decoded and assigned to project_id in oscal-functions.php. If the provided project ID isn’t found, the unsanitized value is concatena...
CVE-2026-34417 OSCAL-GUI Reflected XSS via project parameter in oscal-forms.php
OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious content through the project request parameter in oscal-forms.php. The parameter value is URL-decoded and assigned to...
EUVD-2026-35840
OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious input through the project request parameter. Attackers can craft a malicious URL containing unsanitized input that...
CVE-2026-34416 OSCAL-GUI Reflected XSS via project parameter in oscal.php
OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious input through the project request parameter. Attackers can craft a malicious URL containing unsanitized input that...
CVE-2026-34416 OSCAL-GUI Reflected XSS via project parameter in oscal.php
OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious input through the project request parameter. Attackers can craft a malicious URL containing unsanitized input that...
CVE-2026-34416
CVE-2026-34416 : OSCAL-GUI contains a reflected cross‑site scripting vulnerability. An unauthenticated attacker can craft a URL with unsanitized input in the project parameter of oscal.php, causing the input to break out of JavaScript string/HTML attribute context in the onload handler and execut...
PT-2026-48267
OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious input through the project request parameter. Attackers can craft a malicious URL containing unsanitized input that...
CVE-2026-48103
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...
Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale Management GUI, Cluster Export Services (CES) S3 or HDFS layer are now fixed in 5.2.3.8 and 6.0.1.0 or higher
Summary The following vulnerabilities, which can affect IBM Storage Scale Management GUI jackson-core-2.17.2.jar, CVE-2026-2950, CVE-2026-4800, Cluster Export Service CES S3 CVE-2026-33186 or HDFS layer for Hadoop deployments CVE-2026-24281, CVE-2026-24308 are now fixed in 5.2.3.8 and 6.0.1.0 or...
ait-dsn (=2.0.0), ait-gui (>=2.4.0 <=2.4.1) potentially affected by CVE-2026-47731 via ait-core (>=2.3.5 <=2.5.2)
ait-core PYPI version =2.3.5, =2.4.0, =2.4.1 Source cves: CVE-2026-47731 Source advisory: OSV:GHSA-P462-PRXW-MJX4...
CVE-2026-48103 GHSL-2026-119 7-Zip WIM SecurityId OOB read
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...