CVE-2025-51541

A stored cross-site scripting XSS vulnerability exists in the Shopware 6 installation interface at /recovery/install/database-configuration/. The cdatabaseschema field fails to properly sanitize user-supplied input before rendering it in the browser, allowing an attacker to inject malicious...

CVE-2023-26456

Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code...

CVE-2025-20181

A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacker with privilege level 15 or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the...

Code injection

The "upsell" widget at the portal page could be abused to inject arbitrary script code. Attackers that manage to lure users to a compromised account, or gain temporary access to a legitimate account, could inject script code to gain persistent code execution capabilities under a trusted domain...

CVE-2023-29049

The "upsell" widget at the portal page could be abused to inject arbitrary script code. Attackers that manage to lure users to a compromised account, or gain temporary access to a legitimate account, could inject script code to gain persistent code execution capabilities under a trusted domain...

CVE-2023-48425

U-Boot vulnerability resulting in persistent Code Execution...

CVE-2023-6181

An oversight in BCB handling of reboot reason that allows for persistent code execution...

CVE-2023-6181

An oversight in BCB handling of reboot reason that allows for persistent code execution...

Remote code execution

An oversight in BCB handling of reboot reason that allows for persistent code execution...

CVE-2023-6181

CVE-2023-6181 affects Google Chromecast/Chromecast with Google TV via an oversight in the BCB reboot-handling that occurs in U-Boot, enabling persistent code execution. The issue is described across multiple feeds as a reboot-reason handling flaw with the root cause in BCB and potential for persi...

CVE-2023-48425

U-Boot vulnerability resulting in persistent Code Execution...

Google Chromecast Security Breach

Google Chromecast is a technology from the American company Google Google. It allows you to stream your favorite entertainment and apps from your phone, tablet or laptop directly to your TV or speakers. Google Chromecast has a security vulnerability that stems from a security flaw in BCB that...

PT-2023-30845 · U-Boot · U-Boot

Name of the Vulnerable Software and Affected Versions: U-Boot affected versions not specified Description: The issue is related to a U-Boot vulnerability that results in persistent code execution. Recommendations: At the moment, there is no information about a newer version that contains a fix fo...

PT-2023-32555 · Bcb · Bcb

Name of the Vulnerable Software and Affected Versions: BCB affected versions not specified Description: The issue is related to an oversight in BCB handling of reboot reason, allowing for persistent code execution. Recommendations: At the moment, there is no information about a newer version that...

CVE-2023-45626

An authenticated vulnerability has been identified allowing an attacker to effectively establish highly privileged persistent arbitrary code execution across boot cycles...

Cross site scripting

Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code...

CVE-2023-26456

Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code...

PT-2023-20649 · Ox Guard · Ox Guard

Name of the Vulnerable Software and Affected Versions: OX Guard affected versions not specified Description: The issue allows users to set an arbitrary "product name" for OX Guard, which was not sufficiently sanitized before processing it at the user interface. This enabled indirect cross-site...

CVE-2022-20661

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...

Design/Logic Flaw

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...