976418 matches found
EUVD-2026-31298
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics202.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmaddstr POST parameter directly into an HTML form hidden input value attribute...
CVE-2026-48219
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics202.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmaddstr POST parameter directly into an HTML form hidden input value attribute...
CVE-2026-48218
Open ISES Tickets prior to 3.44.2 is affected by a reflected XSS in icons/buttons/landb.php. An authenticated attacker can pass unsanitized values via the frm_name and frm_id POST parameters, which are inserted into rendered HTML/inline JavaScript, enabling arbitrary JavaScript execution in the v...
CVE-2026-48218 Open ISES Tickets < 3.44.2 Reflected XSS via icons/buttons/landb.php frm_name and frm_id Parameters
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in icons/buttons/landb.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmname and frmid POST parameters directly into rendered HTML content a...
CVE-2026-48217 Open ISES Tickets < 3.44.2 Reflected XSS via delete_module.php Multiple POST Parameters
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in deletemodule.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the multiple POST parameters modulechoice, flag, confirmation directly into render...
CVE-2026-48217 Open ISES Tickets < 3.44.2 Reflected XSS via delete_module.php Multiple POST Parameters
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in deletemodule.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the multiple POST parameters modulechoice, flag, confirmation directly into render...
CVE-2026-48217
Open ISES Tickets prior to 3.44.2 is affected by a reflected XSS in delete_module.php. The vulnerability allows an authenticated attacker to inject arbitrary JavaScript by passing unsanitized values through POST parameters module_choice, flag, and confirmation, which are then rendered into HTML c...
CVE-2026-48216 Open ISES Tickets < 3.44.2 Reflected XSS via db_loader.php Multiple POST Parameters
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in dbloader.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the multiple POST parameters ticketshost, ticketsdb, ticketsuser, ticketspassword,...
CVE-2026-48216
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in dbloader.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the multiple POST parameters ticketshost, ticketsdb, ticketsuser, ticketspassword,...
CVE-2026-48216
Open ISES Tickets prior to 3.44.2 is affected by a reflected XSS in db_loader.php. An authenticated attacker can inject arbitrary JavaScript by sending unsanitized values through the POST parameters ticketshost, ticketsdb, ticketsuser, ticketspassword, ticketsprefix, and db_schema, which are then...
CVE-2026-48215
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in circle.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmid POST parameter directly into an HTML form input value attribute. Attackers can...
CVE-2026-48215
Open ISES Tickets before 3.44.2 is affected by a reflected cross-site scripting (XSS) in circle.php via the frm_id POST parameter. An authenticated attacker can inject arbitrary JavaScript by passing an unsanitized value into a form input value attribute, which executes in the victim’s browser wh...
CVE-2026-48215 Open ISES Tickets < 3.44.2 Reflected XSS via circle.php frm_id Parameter
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in circle.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmid POST parameter directly into an HTML form input value attribute. Attackers can...
CVE-2026-48215 Open ISES Tickets < 3.44.2 Reflected XSS via circle.php frm_id Parameter
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in circle.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmid POST parameter directly into an HTML form input value attribute. Attackers can...
CVE-2026-48214 Open ISES Tickets < 3.44.2 Reflected XSS via add_nm.php ticket_id Parameter
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in addnm.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid POST parameter directly into an HTML form input value attribute and an inlin...
CVE-2026-48214 Open ISES Tickets < 3.44.2 Reflected XSS via add_nm.php ticket_id Parameter
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in addnm.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid POST parameter directly into an HTML form input value attribute and an inlin...
RLSA-2025:23480 Moderate: openssh security update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand...
RLSA-2026:6473 Important: python3 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
python3 security update
An update is available for python3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language,...
python3 security update
An update is available for python3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language,...