14 matches found
CVE-2025-40643
Stored Cross-Site Scripting XSS vulnerability in Energy CRM v2025 by Status Tracker Ltd, consisting of a stored XSS due to lack of proper validation of user input by sending a POST request to “/crm/createjobsubmit.php”, using the “JobCreatedBy” parameter. This vulnerability could allow a remote...
CVE-2025-40643 Stored Cross-Site Scripting (XSS) in Energy CRM by Status Tracker
Stored Cross-Site Scripting XSS vulnerability in Energy CRM v2025 by Status Tracker Ltd, consisting of a stored XSS due to lack of proper validation of user input by sending a POST request to “/crm/createjobsubmit.php”, using the “JobCreatedBy” parameter. This vulnerability could allow a remote...
CVE-2025-40643
Energy CRM v2025 by Status Tracker Ltd contains a Stored XSS in the /crm/create_job_submit.php endpoint via the JobCreatedBy input. The lack of proper validation allows an attacker to craft a request that could be stored and later executed in an authenticated user’s browser, potentially exposing ...
EUVD-2025-35664
Stored Cross-Site Scripting XSS vulnerability in Energy CRM v2025 by Status Tracker Ltd, consisting of a stored XSS due to lack of proper validation of user input by sending a POST request to “/crm/createjobsubmit.php”, using the “JobCreatedBy” parameter. This vulnerability could allow a remote...
Energy CRM 跨站脚本漏洞
Energy CRM is an enterprise resource management system from Energy UK. A cross-site scripting vulnerability exists in Energy CRM version v2025, which stems from insufficient validation of user input for the parameter JobCreatedBy in the file /crm/createjobsubmit.php, which could lead to a stored...
EUVD-2022-0862
Malicious code in bioql PyPI...
accel/ivpu: Fix locking order in ivpu_job_submit
...
CVE-2022-24684
HashiCorp Nomad and Nomad Enterprise 0.9.0 through 1.0.16, 1.1.11, and 1.2.5 allow operators with job-submit capabilities to use the spread stanza to panic server agents. Fixed in 1.0.18, 1.1.12, and 1.2.6...
PT-2025-22169 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A deadlock issue in the Linux kernel has been identified, specifically in the ivpu job submit function. This occurs due to an incorrect locking order when a thread aborts currently...
UBUNTU-CVE-2022-24683
HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec or job-submit capabilities to read arbitrary files on the host filesystem as root...
CVE-2022-24684
HashiCorp Nomad and Nomad Enterprise 0.9.0 through 1.0.16, 1.1.11, and 1.2.5 allow operators with job-submit capabilities to use the spread stanza to panic server agents. Fixed in 1.0.18, 1.1.12, and 1.2.6...
CVE-2022-24684
HashiCorp Nomad and Nomad Enterprise 0.9.0 through 1.0.16, 1.1.11, and 1.2.5 allow operators with job-submit capabilities to use the spread stanza to panic server agents. Fixed in 1.0.18, 1.1.12, and 1.2.6...
UBUNTU-CVE-2022-24684
HashiCorp Nomad and Nomad Enterprise 0.9.0 through 1.0.16, 1.1.11, and 1.2.5 allow operators with job-submit capabilities to use the spread stanza to panic server agents. Fixed in 1.0.18, 1.1.12, and 1.2.6...
CVE-2022-24684
HashiCorp Nomad and Nomad Enterprise 0.9.0 through 1.0.16, 1.1.11, and 1.2.5 allow operators with job-submit capabilities to use the spread stanza to panic server agents. Fixed in 1.0.18, 1.1.12, and 1.2.6...