58903 matches found
CVE-2026-2973
Removed by vendor...
CVE-2026-32534
CVE-2026-32534 describes an SQL Injection issue in the WordPress plugin “JS Help Desk” (js-support-ticket). The connected documentation confirms an authenticated SQL injection vulnerability in this plugin, caused by improper neutralization of SQL elements, affecting versions up to and including 3...
CVE-2026-32534 WordPress JS Help Desk plugin <= 3.0.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in JoomSky JS Help Desk js-support-ticket allows Blind SQL Injection.This issue affects JS Help Desk: from n/a through = 3.0.3...
CVE-2026-4716
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component...
CVE-2026-4702
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine component...
CVE-2026-4701
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...
CVE-2026-4698
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...
SUSE CVE-2026-4698
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
SUSE CVE-2026-4701
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
SUSE CVE-2026-4702
JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
SUSE CVE-2026-4716
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
SUSE CVE-2026-4723
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...
CVE-2026-4723
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...
CVE-2026-21712
creationtimestamp| type| source ---|---|--- 2026-03-25 03:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/node-js-multiple-vulnerabilities20260325 2026-04-09 12:45:08+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mj2tlhrxnc2b...
SUSE CVE-2026-31809
SiYuan is a personal knowledge management system. Prior to 3.5.10, SiYuan's SVG sanitizer SanitizeSVG checks href attributes for the javascript: prefix using strings.HasPrefix. However, inserting ASCII tab , newline , or carriage return characters inside the javascript: string bypasses this prefi...
PT-2026-27777
Name of the Vulnerable Software and Affected Versions Support Board version 3.7.7 Description A Reflected Cross Site Scripting XSS issue exists in Support Board. This allows an attacker to execute JavaScript code in a user's browser. The attack vector involves sending a malicious URL to a victim,...
PT-2026-27991
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 17.7 through 18.8.6 GitLab CE/EE versions 18.9 through 18.9.2 GitLab CE/EE versions 18.10 through 18.10.0 Description An authenticated user could execute arbitrary JavaScript in a user's browser. This is due to improper...
PT-2026-28072
n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with permission to create or modify workflows could use the JavaScript Task Runner to allocate uninitialized memory buffers. Uninitialized buffers may contain residual data fro...
PT-2026-28152
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a stored cross-site scripting vulnerability in the CCDA document preview allows an attacker who can upload or send a CCDA document to execute arbitrary JavaScript in ...
Seafile Server 安全漏洞
Seafile Server is an open-source cloud storage server software developed by Seafile, offering features for file synchronization, sharing, and collaboration management. Versions of Seafile Server such as 13.0.15, 13.0.16-pro, 12.0.14, and earlier have security vulnerabilities. These vulnerabilitie...