10 matches found
CVE-2026-43176
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate release report content before using for RTL8922DE The commit 957eda596c76 "wifi: rtw89: pci: validate sequence number of TX release report" does validation on existing chips, which somehow a release...
CVE-2026-43176
The CVE-2026-43176 entry refers to a vulnerability in the Linux kernel’s rtw89 WiFi driver (PCI path) affecting RTL8922DE where release report content was not properly validated. This could cause a crash (DoS) when handling a malformed TX release report. The root cause is insufficient validation ...
EUVD-2022-4216
Malicious code in bioql PyPI...
CVE-2025-5806
Jenkins Gatling Plugin 136.vb9009b3d33ae serves Gatling reports in a manner that bypasses the Content-Security-Policy protection introduced in Jenkins 1.641 and 1.625, resulting in a cross-site scripting (XSS) vulnerability exploitable by users able to change report content...
CVE-2025-5806
CVE-2025-5806 affects Jenkins Gatling Plugin 136.vb_9009b_3d33a_e. The vulnerability arises from serving Gatling reports in a way that bypasses CSP protections added in Jenkins 1.641/1.625, enabling cross-site scripting (XSS) exploitable by users who can change report content. CVSSv3.1 base score...
CVE-2020-2173
Jenkins Gatling Plugin 1.2.7 and earlier prevents Content-Security-Policy headers from being set for Gatling reports served by the plugin, resulting in an XSS vulnerability exploitable by users able to change report content...
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to the improper filtering of file contents used in generating reports from the general-template.md template. An attacker can execute arbitrary commands on the host by injecting malicious scripts into the inp...
GHSA-HV53-QJG6-5PM9 XSS vulnerability in Jenkins Gatling Plugin
Gatling Plugin 1.2.7 and earlier serves Gatling reports in a manner that bypasses the Content-Security-Policy protection introduced in Jenkins 1.641 and 1.625.3. This results in a cross-site scripting (XSS) vulnerability exploitable by users able to change report content. Gatling Plugin 1.3.0 no...
CloudBees Jenkins FitNesse Plugin Cross-Site Scripting Vulnerability
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools developed by the United States company CloudBees. The product is mainly used to monitor continuous software release/testing projects and the execution of some scheduled tasks. A cross-site scripting...
CVE-2018-10099
Google Monorail before 2018-04-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times for requests with duplicated columns can be used to obtain sensitive information about the content of bug reports...