Security Bulletin: IBM Maximo Application Suite - Predict Component was using vulnerable library urllib3-2.6.2 which is vulnerable to CVE-2026-21441

Summary IBM Maximo Application Suite - Predict Component was using vulnerable library urllib3-2.6.2-py3-none-any.whl which is vulnerable to CVE-2026-21441. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-21441 DESCRIPTION: urllib3 is an HTTP...

CVE-2023-43301

An issue in DARTS SHOP MAXIM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

EUVD-2024-43397

Malicious code in bioql PyPI...

EUVD-2023-34888

Malicious code in bioql PyPI...

3DAlloy 跨站脚本漏洞

3DAlloy is a lightweight 3D viewer from the individual developer Maxim Martynov. A cross-site scripting vulnerability exists in 3DAlloy 1.8 and earlier versions, which stems from not cleaning up a custom attribute on the canvas HTML element and could lead to the execution of arbitrary JavaScript...

CVE-2023-30877

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Maxim Glazunov XML for Google Merchant Center plugin = 3.0.1 versions...

CVE-2024-49335

Cross-Site Request Forgery CSRF vulnerability in sh4d0w28 GoogleDrive folder list googledrive-folder-list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through = 2.2.2...

CVE-2024-47725

REJECTED CVE An issue has been identified in the Linux Kernel's dm-verity module, which ensures integrity verification for block devices. This issue arises because dm-verity does not crash when an I/O error occurs. In certain scenarios, an attacker could exploit this behavior by crafting sectors...

CVE-2024-47725

CVE-2024-47725 is rejected/not used and does not represent an active vulnerability entry.

CVE-2024-49335

Cross-Site Request Forgery CSRF vulnerability in sh4d0w28 GoogleDrive folder list googledrive-folder-list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through = 2.2.2...

CVE-2024-49335

Cross-Site Request Forgery CSRF vulnerability in Edush Maxim GoogleDrive folder list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through 2.2.2...

CVE-2024-49335

CVE-2024-49335 is a CSRF to Stored XSS in the WordPress GoogleDrive folder list plugin (versions

CVE-2024-49335 WordPress GoogleDrive folder list plugin <= 2.2.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in sh4d0w28 GoogleDrive folder list googledrive-folder-list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through = 2.2.2...

PT-2024-33476 · Unknown · Edush Maxim Googledrive Folder List

Name of the Vulnerable Software and Affected Versions: Edush Maxim GoogleDrive folder list versions n/a through 2.2.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in Edush Maxim GoogleDrive folder list, which allows Stored XSS. This can lead to Stored Cross Site...

Russian National Jailed for Smuggling US Military Tech to Russia

Russian businessman sentenced to 3 years for smuggling military-grade microelectronics to Russia via Hong Kong. Maxim Marchenko used…...

CVE-2021-47242 mptcp: fix soft lookup in subflow_error_report()

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix soft lookup in subflowerrorreport Maxim reported a soft lookup in subflowerrorreport: watchdog: BUG: soft lockup - CPU0 stuck for 22s! swapper/0:0 RIP: 0010:nativequeuedspinlockslowpath RSP: 0018:ffffa859c0003bc0 EFLAG...

CVE-2024-33918

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maxim K AJAX Login and Registration modal popup + inline form allows Stored XSS.This issue affects AJAX Login and Registration modal popup + inline form: from n/a through 2.23...

CVE-2024-33918

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maxim K AJAX Login and Registration modal popup + inline form allows Stored XSS.This issue affects AJAX Login and Registration modal popup + inline form: from n/a through 2.23...

CVE-2024-33918

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maxim K AJAX Login and Registration modal popup + inline form allows Stored XSS.This issue affects AJAX Login and Registration modal popup + inline form: from n/a through 2.23...

UBUNTU-CVE-2024-33918

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maxim K AJAX Login and Registration modal popup + inline form allows Stored XSS.This issue affects AJAX Login and Registration modal popup + inline form: from n/a through 2.23...