Lucene search
K

1800 matches found

Nuclei
Nuclei
added yesterday39 views

RosarioSIS 6.7.2 - Cross-Site Scripting

RosarioSIS version 6.7.2 and earlier contains a reflected cross-site scripting XSS vulnerability in the Preferences module. The 'tab' parameter in Modules.php is not properly sanitized, allowing an attacker to inject arbitrary JavaScript code via a crafted URL. id: CVE-2020-15718 info: name:...

6.1CVSS6.5AI score0.06325EPSS
Exploits2
NVD
NVD
added 2026/07/02 9:16 p.m.5 views

CVE-2026-58460

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...

7.7CVSS0.00138EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 8:10 p.m.8 views

EUVD-2026-41437

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...

7.7CVSS5.9AI score0.00138EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 8:10 p.m.14 views

CVE-2026-58460

CVE-2026-58460 affects the React Native package react-native-receive-sharing-intent. A path traversal vulnerability allows a co-resident malicious app to write files outside the intended cache directory by supplying a crafted _display_name with dot-dot path components via a malicious ContentProvi...

7.7CVSS5.9AI score0.00138EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/02 8:10 p.m.7 views

CVE-2026-58460

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...

7.7CVSS5.9AI score0.00138EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.12 views

Oracle Linux 9 : firefox (ELSA-2026-20574)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-20574 advisory. 140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...

9.8CVSS7.2AI score0.00446EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2026/06/29 12:0 a.m.5 views

firefox security update

140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.12.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.12.0-1 - Update to 140.12.0 ESR...

9.8CVSS5.8AI score0.00605EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/06/29 12:0 a.m.4 views

firefox security update

140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.12.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.12.0-1 - Update to 140.12.0 ESR...

9.6CVSS6.1AI score0.00375EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/06/29 12:0 a.m.7 views

firefox security update

140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.12.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.12.0-1 - Update to 140.12.0 ESR...

9.8CVSS5.8AI score0.00446EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.7 views

Oracle Linux 9 : thunderbird (ELSA-2026-29940)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-29940 advisory. 140.12.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.12.0 - Add OpenELA debranding 140.12.0-1 - Update to 140.12.0 ESR Tenab...

9.6CVSS6.1AI score0.00476EPSS
Exploits0References30
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.6 views

Oracle Linux 9 : thunderbird (ELSA-2026-19348)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-19348 advisory. 140.11.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.11.0 - Add OpenELA debranding 140.11.0-1 - Update to 140.11.0 ESR...

9.8CVSS6.2AI score0.04938EPSS
Exploits1References30
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.5 views

Oracle Linux 9 : firefox (ELSA-2026-27734)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-27734 advisory. 140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...

9.6CVSS6.1AI score0.00476EPSS
Exploits0References30
NVD
NVD
added 2026/06/09 7:16 p.m.11 views

CVE-2023-43686

An issue was discovered in Malwarebytes 4.x and 5.x and Nebula 2020-10-21 and later. A large number of Firefox preference files can cause the parser to ignore other browser configuration files, leading to a denial of service...

6.2CVSS0.00118EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 12:0 a.m.33 views

CVE-2023-43686

An issue was discovered in Malwarebytes 4.x and 5.x and Nebula 2020-10-21 and later. A large number of Firefox preference files can cause the parser to ignore other browser configuration files, leading to a denial of service...

0.00118EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.11 views

CVE-2026-41663

Admidio is an open-source user management solution. Prior to version 5.0.9, several administrative operations in Admidio's preferences module database backup, test email, htaccess generation fire via GET requests with no CSRF token validation. Because SameSite=Lax cookies travel with top-level GE...

3.5CVSS5.4AI score0.00117EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 2:17 a.m.14 views

CVE-2026-50591

In Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can occur via stored user preferences...

5.4CVSS0.00133EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 2:17 a.m.8 views

DEBIAN-CVE-2026-50591

In Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can occur via stored user preferences...

5.4CVSS5.4AI score0.00133EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 1:52 a.m.7 views

CVE-2026-50591

In Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can occur via stored user preferences...

5.4CVSS5.8AI score0.00133EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/05 1:52 a.m.15 views

EUVD-2026-34782

In Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can occur via stored user preferences...

5.4CVSS5.8AI score0.00133EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 1:52 a.m.24 views

CVE-2026-50591

Znuny LTS is affected by CVE-2026-50591: stored XSS via user preferences in versions prior to 6.5.21 and prior to 7.3.3. The CVSS vector indicates a LOW privileges requirement with user interaction and network attack vector, leading to a Confidentiality/Integrity impact in practice, with Availabi...

5.4CVSS5.8AI score0.00133EPSS
Exploits0References1
Rows per page
Query Builder