276243 matches found
EUVD-2026-5192
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, type confusion allowed malformed ICC profiles to trigger undefined behavior when loading invalid icImageEncodingType values causin...
CVE-2025-8587
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AKCE Software Technology R Industry and Trade Inc. SKSPro allows SQL Injection.This issue affects SKSPro: through 07012026...
CVE-2019-25261
AnyDesk 5.4.0 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially inject malicious executables. Attackers can exploit the unquoted binary path to place malicious files in service executable locations, potentially gaining...
CVE-2025-6397
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS. This issue affects Website Software: through 03022026. NOTE: The vendor was contacted early about this disclosure but did...
Exploit for CVE-2026-21721
💥 CVE-2026-21721 Exploit Написал exploit для CVE-2026-21721...
CVE-2025-6397 XSS in Ankara Hosting's web site
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS. This issue affects Website Software: through 03022026. NOTE: The vendor was contacted early about this disclosure but did...
EUVD-2025-206769
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS.This issue affects Website Software: through 03022026. NOTE: The vendor was contacted early about this disclosure but did...
CVE-2025-6397
The CVE-2025-6397 entry corresponds to an XSS in Ankara Hosting Website Design Website Software, specifically a Reflected XSS due to improper neutralization of input during web page generation. The PT-2026-5942 detail identifies the affected software as Ankara Hosting Website Design Website Softw...
CVE-2025-6397 XSS in Ankara Hosting's web site
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS. This issue affects Website Software: through 03022026. NOTE: The vendor was contacted early about this disclosure but did...
CVE-2025-6397
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS. This issue affects Website Software: through 03022026. NOTE: The vendor was contacted early about this disclosure but did...
CVE-2025-41065
Stored Cross-Site Scripting XSS vulnerability type in LUNA software v7.5.5.6. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by inyecting a malicious payload through the 'Edit Batch Name' function. THe payload is stored by the application and subsequently...
EUVD-2025-206731
Stored Cross-Site Scripting XSS vulnerability type in LUNA software v7.5.5.6. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by inyecting a malicious payload through the 'Edit Batch Name' function. THe payload is stored by the application and subsequently...
CVE-2025-41065
Stored XSS in Luna Imaging LUNA software v7.5.5.6 allows an attacker to inject a payload via the Edit Batch Name function; the payload is stored and later rendered unsafely, enabling potential theft of session cookies or actions on behalf of users. The issue is described across multiple sources (...
CVE-2025-41065
Stored Cross-Site Scripting XSS vulnerability type in LUNA software v7.5.5.6. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by inyecting a malicious payload through the 'Edit Batch Name' function. THe payload is stored by the application and subsequently...
CVE-2025-8461
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Seres Software syWEB allows Reflected XSS. This issue affects syWEB: through 03022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
EUVD-2025-206659
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Seres Software syWEB allows Reflected XSS.This issue affects syWEB: through 03022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2025-8461 Reflected XSS in Seres Software's syWEB
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Seres Software syWEB allows Reflected XSS. This issue affects syWEB: through 03022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2025-8461 Reflected XSS in Seres Software's syWEB
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Seres Software syWEB allows Reflected XSS. This issue affects syWEB: through 03022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2025-8461
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Seres Software syWEB allows Reflected XSS. This issue affects syWEB: through 03022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
BIT-KYVERNO-2026-23881 Kyverno Denial of Service via Context Variable Amplification in Policy Engine
Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...