10036 matches found
CVE-2026-1592
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...
CVE-2026-0620
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...
CVE-2026-0620 L2TP over IPSec Encryption Failure on ArcherAXE75
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...
CVE-2026-0620 L2TP over IPSec Encryption Failure on ArcherAXE75
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...
CVE-2026-0620
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...
EUVD-2026-5210
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...
[R1] Tenable Identity Exposure Version 3.77.16 Fixes Multiple Vulnerabilities
R1 Tenable Identity Exposure Version 3.77.16 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 02/03/2026 - 09:56 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. One of the third-party components OpenSSL was found to contain vulnerabilities, and...
CVE-2026-1592
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...
CVE-2026-1592
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...
EUVD-2026-5315
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...
CVE-2026-1592
CVE-2026-1592 affects Foxit PDF Editor Cloud (pdfonline). The vulnerability is a stored cross-site scripting (XSS) in the Create New Layer feature, where unsanitized user input is embedded into HTML output, enabling arbitrary JavaScript execution when the layer is referenced. Documents reference ...
CVE-2026-1592 Stored XSS via Create New Layer Field found in Foxit PDF Editor Cloud
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...
CVE-2026-1592 Stored XSS via Create New Layer Field found in Foxit PDF Editor Cloud
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...
CVE-2026-1592
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...
CVE-2026-24935
A third-party NAT traversal module fails to validate SSL/TLS certificates when connecting to the signaling server. While subsequent access to device services requires additional authentication, a Man-in-the-Middle MitM attacker can intercept or redirect the NAT tunnel establishment. This could...
ASUSTOR ADM 安全漏洞
ASUSTOR ADM is a dedicated operating system developed by ASUSTOR Technology ASUSTOR for all ASUSTOR NAS devices. Vulnerabilities exist in versions 4.1.0 to 4.3.3.ROF1, and from version 5.0.0 to 5.1.1.RCI1 of ASUSTOR ADM. These vulnerabilities stem from the API communication component not verifyin...
PT-2026-5764
The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle MitM attack, whi...
PT-2026-6048
Name of the Vulnerable Software and Affected Versions Foxit PDF Editor Cloud pdfonline versions prior to 2026-02-03 Description Foxit PDF Editor Cloud pdfonline has a stored cross-site scripting issue in the Create New Layer feature. The application embeds unsanitized user input into the HTML...
PT-2026-6013
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...
Foxit PDF Editor Cloud 安全漏洞
Foxit PDF Editor Cloud is a browser-based online PDF editing platform provided by the American company Foxit. Versions of Foxit PDF Editor Cloud prior to February 3, 2026, contained security vulnerabilities. These vulnerabilities stemmed from the inability to clean user input that was embedded in...