CVE-2026-32843

Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...

EUVD-2026-13113

Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...

CVE-2026-32843

A reflected cross-site scripting (XSS) vulnerability affects Location Aware Sensor System by LinkIt ONE up to commit f06bd20 (2023-04-26) in PM25.php. The issue arises from allowing unencoded payloads via GET parameters (site, city, district, channel, or apikey), enabling remote attackers to exec...

CVE-2026-32843

Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...

CVE-2026-32843 Linkit ONE Location Aware Sensor System (LASS) Reflected XSS via PM25.php

Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...

CVE-2026-32843 Linkit ONE Location Aware Sensor System (LASS) Reflected XSS via PM25.php

Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...

EUVD-2012-2297

Malware in sbrugna...

EUVD-2021-17556

Malware in sbrugna...

EUVD-2015-3406

Malware in sbrugna...

CVE-2021-30636

In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer overflow during mishandled memory allocation by pvPortCalloc and pvPortRealloc...

CVE-2021-30636

In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer overflow during mishandled memory allocation by pvPortCalloc and pvPortRealloc...

CVE-2021-30636

In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer overflow during mishandled memory allocation by pvPortCalloc and pvPortRealloc...

Integer overflow

In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer overflow during mishandled memory allocation by pvPortCalloc and pvPortRealloc...

CVE-2021-30636

MediaTek LinkIt SDK prior to 4.6.1 is vulnerable to memory corruption due to an integer overflow in memory allocation calls pvPortCalloc and pvPortRealloc (CVE-2021-30636). Reported impact is memory corruption on the target device; CVSS vectors in public sources indicate high severity. Remediatio...

CVE-2021-30636

In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer overflow during mishandled memory allocation by pvPortCalloc and pvPortRealloc...

DRUPAL-CONTRIB-2021-042

Linkit provides an easy interface for internal and external linking with WYSIWYG editors by using an autocomplete field. It does not sufficiently sanitize user input. This vulnerability is mitigated by the fact that an attacker must have a role with the permission to create or edit an entity bund...

Linkit - Moderately critical - Cross Site Scripting - SA-CONTRIB-2021-042

Linkit provides an easy interface for internal and external linking with WYSIWYG editors by using an autocomplete field. It does not sufficiently sanitize user input. This vulnerability is mitigated by the fact that an attacker must have a role with the permission to create or edit an entity bund...

MediaTek LinkIt SDK 输入验证错误漏洞

MediaTek LinkIt SDK is a MediaTek LinkIt open source application. An input validation error vulnerability exists in MediaTek LinkIt SDK versions prior to 4.6.1, which stems from an incorrect memory allocation can lead to arbitrary memory allocation, which can result in unexpected behavior such as...

Drupal Linkit Module Access Bypass Vulnerability

Drupal is a free and open source content management system developed in PHP. An access bypass vulnerability exists in the Drupal Linkit module. An attacker can exploit this vulnerability to perform unauthorized operations bypassing some security restrictions...

Linkit - Moderately Critical - Access Bypass - DRUPAL-SA-CONTRIB-2017-033

Linkit provides an easy interface for internal and external linking with WYSIWYG editors by using an autocomplete field. When searching for entities, this module doesn't always enforce the access restrictions and users may see information about entities they should not be able to access. This is...