19 matches found
CVE-2026-34777
CVE-2026-34777 affects Electron: prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, the origin passed to session.setPermissionRequestHandler() for iframe-permission requests (fullscreen, pointerLock, keyboardLock, openExternal, or media) was the top‑level page origin instead of the requesting ...
CVE-2025-66594
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed messages are displayed on the error page. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN,...
PT-2026-7059
Name of the Vulnerable Software and Affected Versions FAST/TOOLS versions R9.01 through R10.04 Description The software displays detailed messages on error pages. This information could be used by attackers for further malicious activities. Recommendations Update to a version later than R10.04...
CVE-2025-29157
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a non-existent endpoint/cart, the server returns a 404-error page exposing sensitive information including the Servlet name default and server version...
RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers
...
Malicious code in @espace-client-axafr/page-details-contrat (npm)
The package communicates with a domain associated with malicious activity...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/bnxtre: Fixed the page details for the SRQs created by kernel consumers. When using the nvme target with usesrq, a kernel panic was observed. 549.698111 bnxten 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91...
CVE-2024-42560
A cross-site scripting XSS vulnerability in the component updatepagedetails.php of Blood Bank And Donation Management System commit dc9e039 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Details parameter...
SUSE CVE-2025-21885
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix the page details for the srq created by kernel consumers While using nvme target with usesrq on, below kernel panic is noticed. 549.698111 bnxten 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91...
AZL-69015 CVE-2025-21885 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix the page details for the srq created by kernel consumers While using nvme target with usesrq on, below kernel panic is noticed. 549.698111 bnxten 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91...
AZL-62687 CVE-2025-21885 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix the page details for the srq created by kernel consumers While using nvme target with usesrq on, below kernel panic is noticed. 549.698111 bnxten 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91...
GHSA-38MG-WM59-G64X composio allows Server-Side Request Forgery (SSRF) in BROWSERTOOL
A Server-Side Request Forgery SSRF vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the system by exploiting the BROWSERTOOLGOTOPAGE and BROWSERTOOLGETPAGEDETAILS actions...
Improper Neutralization of Data within XPath Expressions ('XPath Injection')
Overview composio-core is a Core package to act as a bridge between composio platform and other services. Affected versions of this package are vulnerable to Improper Neutralization of Data within XPath Expressions 'XPath Injection' via the BROWSERTOOLGOTOPAGE and BROWSERTOOLGETPAGEDETAILS action...
CVE-2024-42560
A cross-site scripting XSS vulnerability in the component updatepagedetails.php of Blood Bank And Donation Management System commit dc9e039 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Details parameter...
CVE-2024-42560
A cross-site scripting XSS vulnerability in the component updatepagedetails.php of Blood Bank And Donation Management System commit dc9e039 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Details parameter...
CVE-2024-42560
A cross-site scripting XSS vulnerability in the component updatepagedetails.php of Blood Bank And Donation Management System commit dc9e039 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Details parameter...
Blood-Bank-&-Donation-Management-System 安全漏洞
Blood-Bank-&-Donation-Management-System is a blood bank and blood donation management system by Varun Sardana, an individual developer. A security vulnerability exists in Blood-Bank-&-Donation-Management-System that stems from a cross-site scripting vulnerability contained in the...
BEAR < 1.1.4.4 - Missing Authorization
Description The BEAR plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the woobeupdatepagefield function in versions up to, and including, 1.1.4.3. This makes it possible for unauthenticated attackers to update page details...
Zope 2.x - Incorrect XML-RPC Request Information Disclosure
Zope 2.x - Incorrect XML-RPC Request Information Disclosure source: https://www.securityfocus.com/bid/5806/info A vulnerability has been reported for Zope 2.5.1 and earlier. Reportedly, Zope does not handle XML-RPC requests properly. Specially crafted XML-RPC requests may cause Zope to respond to...