Lucene search
+L

17 matches found

euvd
euvd
added 2026/06/26 12:32 a.m.7 views

EUVD-2026-39596

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting XSS payload into cluster objects such as ClusterVersion...

6.9CVSS5.7AI score0.00176EPSS
Exploits0References3
nvd
nvd
added 2026/06/26 12:16 a.m.9 views

CVE-2026-13083

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting XSS payload into cluster objects such as ClusterVersion...

6.9CVSS0.00176EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/25 11:23 p.m.10 views

CVE-2026-13083

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting XSS payload into cluster objects such as ClusterVersion...

6.9CVSS5.7AI score0.00176EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/25 11:23 p.m.6 views

CVE-2026-13083 Pen-drive: pen-drive: stored xss via unescaped cluster data in html report

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting XSS payload into cluster objects such as ClusterVersion...

6.9CVSS5.6AI score0.00176EPSS
Exploits0References2
cve
cve
added 2026/06/25 11:23 p.m.21 views

CVE-2026-13083

CVE-2026-13083 concerns the Pen Drive report generator, where cluster-sourced data is rendered into HTML reports without proper escaping or sanitization, enabling stored XSS. An attacker with cluster administrator privileges can inject XSS payloads into cluster objects (e.g., ClusterVersion spec....

6.9CVSS5.7AI score0.00176EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2026/06/25 11:23 p.m.8 views

CVE-2026-13083

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting XSS payload into cluster objects such as ClusterVersion...

6.9CVSS5.7AI score0.00176EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/25 11:23 p.m.47 views

CVE-2026-13083 Pen-drive: pen-drive: stored xss via unescaped cluster data in html report

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting XSS payload into cluster objects such as ClusterVersion...

6.9CVSS0.00176EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.14 views

PT-2026-52630

Name of the Vulnerable Software and Affected Versions Pen Drive report generator affected versions not specified Description An issue exists where cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. This allows an attacker with cluster administrator...

6.9CVSS5.6AI score0.00176EPSS
Exploits0References11
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-0819

Malware in sbrugna...

1.9CVSS6.2AI score0.0041EPSS
Exploits1References7
redhatcve
redhatcve
added 2015/10/30 9:57 a.m.27 views

CVE-2007-0822

umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensiti...

1.9CVSS6.8AI score0.0041EPSS
Exploits1References2
openvas
openvas
added 2009/04/09 12:0 a.m.37 views

Mandriva Update for util-linux MDKSA-2007:053 (util-linux)

Check for the Version of util-linux OpenVAS Vulnerability Test Mandriva Update for util-linux MDKSA-2007:053 util-linux Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

1.9CVSS6.7AI score0.0041EPSS
Exploits1References2
nessus
nessus
added 2007/03/07 12:0 a.m.24 views

Mandrake Linux Security Advisory : util-linux (MDKSA-2007:053)

Umount allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensitive information, including core file contents. Updated packages have...

1.9CVSS5.3AI score0.0041EPSS
Exploits1References1
prion
prion
added 2007/02/07 8:28 p.m.16 views

Design/Logic Flaw

umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensiti...

1.9CVSS6.2AI score0.0041EPSS
Exploits1References6Affected Software1
nvd
nvd
added 2007/02/07 8:28 p.m.29 views

CVE-2007-0822

umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensiti...

1.9CVSS6AI score0.0041EPSS
Exploits1References6
cve
cve
added 2007/02/07 8:0 p.m.57 views

CVE-2007-0822

CVE-2007-0822 describes a local-denial crash in umount when run on Linux kernel 2.6.15 with Slackware 10.2, triggered by passing a pathname to a USB pen drive that was mounted and then removed; this can lead to a NULL dereference and potential exposure of sensitive data such as core contents. Mul...

1.9CVSS5.9AI score0.0041EPSS
Exploits1References6Affected Software1
cvelist
cvelist
added 2007/02/07 8:0 p.m.28 views

CVE-2007-0822

umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensiti...

5.9AI score0.0041EPSS
Exploits1References6
debiancve
debiancve
added 2007/02/07 8:0 p.m.61 views

CVE-2007-0822

umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensiti...

1.9CVSS2AI score0.0041EPSS
Exploits1
Rows per page
Query Builder