4566 matches found
CVE-2026-48591 Stored XSS via unescaped HTML attribute values in earmark
Improper Neutralization of Script in Attributes in a Web Page vulnerability in pragdave earmark allows stored cross-site scripting via unescaped HTML attribute values. 'Elixir.Earmark.Transform':makeatt1/2 in lib/earmark/transform.ex splices attribute values verbatim between two literal " bytes: ...
Linux Distros Unpatched Vulnerability : CVE-2026-53613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - upstream upgrade with security fixes: - CVE-2026-53612 - libmount: TOCTOU attack via ancestor directory swap during mount - CVE-2026-53613 - libmount: SUID bypa...
Linux Distros Unpatched Vulnerability : CVE-2026-12448
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to perform privilege escalation via a...
Linux Distros Unpatched Vulnerability : CVE-2026-12449
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to perform OS-level privilege escalation via a malicio...
Linux Distros Unpatched Vulnerability : CVE-2026-12457
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in Extensions. CVE-2026-12457 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900...
Linux Distros Unpatched Vulnerability : CVE-2026-53612
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - util-linux - None Ubuntu Linux - Local Privilege Escalation via TOCTOU in mount8 hookowner.c chmod/chown CVE-2026-53612 Note that Nessus relies o...
Linux Distros Unpatched Vulnerability : CVE-2026-12455
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Tab Strip in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to...
Linux Distros Unpatched Vulnerability : CVE-2026-53614
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - util-linux - None Ubuntu Linux - Local Privilege Escalation via LIBMOUNTFORCEMOUNT2 Environment Variable - nosuid/noexec Bypass in SUID mount8...
Linux Distros Unpatched Vulnerability : CVE-2026-12464
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Browser in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a...
Linux Distros Unpatched Vulnerability : CVE-2026-12295
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape in the DOM: Navigation component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and...
Linux Distros Unpatched Vulnerability : CVE-2026-12306
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. CVE-2026-12306...
Linux Distros Unpatched Vulnerability : CVE-2026-12299
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and...
Linux Distros Unpatched Vulnerability : CVE-2026-12330
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the Internationalization component. This vulnerability was fixed in Firefox ESR 140.12, Firefox ESR 115.37, and Thunderbird...
Linux Distros Unpatched Vulnerability : CVE-2026-12325
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Denial-of-service in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and...
CraftCMS - Remote Code Execution
Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.15, and 5.0.0-RC1 to before 5.6.17, Craft is vulnerable to remote code execution. This is a high-impact, low-complexity...
ROOT-APP-NPM-CVE-2026-39865 CVE-2026-39865 in @rootio/axios - Patched by Root
Root has patched CVE-2026-39865 in the @rootio/axios package for Root:npm. Multiple fixed versions available...
Linux Distros Unpatched Vulnerability : CVE-2026-39043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - gst-plugins-good1.0 - None Ubuntu Linux - Unknown description CVE-2026-39043 Note that Nessus relies on the presence of the package as reported b...
ROOT-OS-DEBIAN-11-CVE-2022-2881 CVE-2022-2881 in rootio-bind9 - Patched by Root
Root has patched CVE-2022-2881 in the rootio-bind9 package for Root:Debian:11. Multiple fixed versions available...
CVE-2026-12203 HKUDS AI-Trader Research Export agents.csv information disclosure
A vulnerability was found in HKUDS AI-Trader up to 74caf996f78dcc0c657df8365c8544678a16e215. This affects an unknown part of the file /api/research/agents.csv of the component Research Export. Performing a manipulation results in information disclosure. Remote exploitation of the attack is...
Linux Distros Unpatched Vulnerability : CVE-2026-49452
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - weasyprint - None Ubuntu Linux - Unknown description CVE-2026-49452 Note that Nessus relies on the presence of the package as reported by the...