2190 matches found
Important: cuda-toolkit-13-1
Issue Overview: NVIDIA Nsight Systems contains a vulnerability in the gfxhotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string to the processnsysrepcli.py script if the script is invoked manually. A successful exploit of this vulnerability might lea...
CLSA-2026-1771601553 Fix CVE(s): CVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945
OpenJDK 8u482 release + CVE-2026-21945: enhance Certificate Checking + CVE-2026-21932: enhance Handling of URIs + CVE-2026-21933: improve HttpServer Request handling + CVE-2026-21925: improve JMX connections - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2026-January/020959.html...
CVE-2025-14445
The Image Hotspot by DevVN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hotspotcontent' custom field meta in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2019-25415
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the hotspotpermanentusers endpoint. Attackers can send POST requests with JavaScript payloads in the MACADDRESSES parameter to...
CVE-2019-25415
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the hotspotpermanentusers endpoint. Attackers can send POST requests with JavaScript payloads in the MACADDRESSES parameter to...
CVE-2019-25415 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via hotspot_permanent_users
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the hotspotpermanentusers endpoint. Attackers can send POST requests with JavaScript payloads in the MACADDRESSES parameter to...
CVE-2019-25415
Comodo Dome Firewall 2.7.0 is affected by a reflected XSS in the hotspot_permanent_users endpoint. An attacker can submit unsanitized input via MACADDRESSES in a POST to inject JavaScript that runs in users’ browsers. CVSS metrics: CVSSv3.1 base 6.1 (NETWORK, LOW complexity, NONE privileges, USER...
CVE-2019-25415 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via hotspot_permanent_users
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the hotspotpermanentusers endpoint. Attackers can send POST requests with JavaScript payloads in the MACADDRESSES parameter to...
CVE-2025-14445
The Image Hotspot by DevVN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hotspotcontent' custom field meta in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-14445 Image Hotspot by DevVN <= 1.2.9 - Authenticated (Author+) Stored Cross-Site Scripting via Custom Field Meta
The Image Hotspot by DevVN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hotspotcontent' custom field meta in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-14445 Image Hotspot by DevVN <= 1.2.9 - Authenticated (Author+) Stored Cross-Site Scripting via Custom Field Meta
The Image Hotspot by DevVN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hotspotcontent' custom field meta in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-14445
CVE-2025-14445 concerns the Image Hotspot by DevVN WordPress plugin. It allows Stored Cross‑Site Scripting via the hotspot_content custom field in all versions up to 1.2.9, requiring an authenticated attacker with author+ privileges. The impact described is that injected scripts execute when user...
WordPress Image Hotspot by DevVN plugin <= 1.2.9 - Authenticated (Author+) Stored Cross-Site Scripting via Custom Field Meta vulnerability
Authenticated Author+ Stored Cross-Site Scripting via Custom Field Meta vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Image Hotspot by DevVN versions = 1.2.9...
Comodo Dome Firewall 跨站脚本漏洞
Comodo Dome Firewall is a unified threat management and next-generation firewall provided by the Chinese company Comodo. Version 2.7.0 of Comodo Dome Firewall contains a cross-site scripting vulnerability. This vulnerability stems from improper cleaning of the MACADDRESSES parameter input in the...
PT-2026-20818
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the hotspot permanent users endpoint. Attackers can send POST requests with JavaScript payloads in the MACADDRESSES parameter to...
WordPress plugin Image Hotspot by DevVN 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-20618
The Image Hotspot by DevVN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hotspot content' custom field meta in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
Important: cuda
Issue Overview: NVIDIA Nsight Systems contains a vulnerability in the gfxhotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string to the processnsysrepcli.py script if the script is invoked manually. A successful exploit of this vulnerability might lea...
Important: nsight-systems-2025.5.2
Issue Overview: NVIDIA Nsight Systems contains a vulnerability in the gfxhotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string to the processnsysrepcli.py script if the script is invoked manually. A successful exploit of this vulnerability might lea...
Important: cuda-13-1
Issue Overview: NVIDIA Nsight Systems contains a vulnerability in the gfxhotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string to the processnsysrepcli.py script if the script is invoked manually. A successful exploit of this vulnerability might lea...