15 matches found
CVE-2026-45392
DOM-based cross-site scripting XSS in Cribl Stream before 4.17.1 allows a remote attacker to execute arbitrary JavaScript in the browser of an authenticated user who is tricked into visiting a crafted URL and interacting with the page...
CVE-2026-45391
A command injection vulnerability in Cribl Edge for Linux versions 3.2.0 through 4.17.0 allows a local unprivileged user to execute arbitrary commands in the context of the Cribl Edge service account...
CVE-2026-45393
A vulnerability chain in Cribl Edge for Windows before 4.17.1 allows a local authenticated user to escalate privileges to NT AUTHORITY\SYSTEM. Incorrect default permissions on the Windows installer's authentication directory CWE-276 expose a cryptographic secret used for JWT signing and...
CVE-2026-45392 DOM-based XSS in Cribl Stream
DOM-based cross-site scripting XSS in Cribl Stream before 4.17.1 allows a remote attacker to execute arbitrary JavaScript in the browser of an authenticated user who is tricked into visiting a crafted URL and interacting with the page...
CVE-2026-29642
A local attacker who can execute privileged CSR operations or can induce firmware to do so performs carefully crafted reads/writes to menvcfg e.g., csrrs in M-mode. On affected XiangShan versions commit aecf601e803bfd2371667a3fb60bfcd83c333027, 2024-11-19, these menvcfg accesses can unexpectedly...
CVE-2025-68128
reserved but not needed...
CVE-2025-68126
reserved but not needed...
CVE-2025-68125
reserved but not needed...
CVE-2025-58184
reserved but not needed...
PT-2025-48188
Name of the Vulnerable Software and Affected Versions Revive Adserver affected versions not specified Description The software contains a flaw in username validation that allows anyone to register look-alike accounts and impersonate administrators. This issue persists after a previous fix for...
CVE-2025-47915
reserved but not needed...
PT-2024-21943 · Undefined · Undefined
Hey everyone, I don’t actually publicly share my findings/achievements, but wanted to make a change. So as an update I got the confirmation on my 2xCVEs. CVE-2024-27555 CVE-2024-27556 I hope to get these officially publicized soon so they are no longer "reserved" BugBounty...
CVE-2023-45291
reserved but not needed...
CVE-2021-26134
RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Recent assessments: femkebolle at November 22, 2023 3:56pm UTC reported: As ...
CVE-2007-4579
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2931. Reason: This candidate is a reservation duplicate of CVE-2007-2931. Notes: All CVE users should reference CVE-2007-2931 instead of this candidate. All references and descriptions in this candidate have been removed to...