CVE-2023-29837

Cross Site Scripting vulnerability found in Exelysis Unified Communication Solution EUCS v.1.0 allows a remote attacker to gain privileges via the URL path of the eucsAdmin login web page...

CVE-2023-27107

Incorrect access control in the runReport function of MyQ Solution Print Server before 8.2 Patch 32 and Central Server before 8.2 Patch 22 allows users who do not have appropriate access rights to generate internal reports using a direct URL...

CVE-2023-50848

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0...

CVE-2023-3862

A vulnerability was found in Travelmate Travelable Trek Management Solution 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Box Handler. The manipulation of the argument comment leads to cross site scripting. The attack may be...

CVE-2023-27594

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which...

CVE-2023-45754

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form allows Stored XSS.This issue affects Easy Testimonial Slider and Form: from n/a through 1.0.18...

CVE-2023-51404

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MyAgilePrivacy My Agile Privacy – The only GDPR solution for WordPress that you can truly trust allows Stored XSS.This issue affects My Agile Privacy – The only GDPR solution for WordPress that you...

CVE-2023-42441

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine EVM. Starting in version 0.2.9 and prior to version 0.3.10, locks of the type @nonreentrant"" or @nonreentrant'' do not produce reentrancy checks at runtime. This issue is fixed in version 0.3.10. As a workaround, ensure...

CVE-2023-47226

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Post Sliders & Post Grids plugin = 1.0.20 versions...

CVE-2023-24413

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution WordPress vertical image slider plugin = 1.2.16 versions...

CVE-2023-24409

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs plugin = 1.1.15 versions...

CVE-2022-41275

In SAP Solution Manager Enterprise Search - versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impa...

Ubuntu: Security Advisory (USN-7527-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Node.js < 20.19.2, 21.x < 22.15.1, 23.x < 23.11.1, 24.x < 24.0.2 DoS Vulnerability - Windows

Node.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...

Node.js < 20.19.2, 21.x < 22.15.1 DoS Vulnerability - Mac OS X

Node.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...

Node.js < 20.19.2, 21.x < 22.15.1, 23.x < 23.11.1, 24.x < 24.0.2 DoS Vulnerability - Mac OS X

Node.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...

OpenSSL x509 Vulnerability (20250522) - Linux

OpenSSL is prone to a vulnerability in the x509 application. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl";...

OpenSSL x509 Vulnerability (20250522) - Windows

OpenSSL is prone to a vulnerability in the x509 application. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl";...

Mozilla Thunderbird Security Update (mfsa_2025-41) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

SonicWall SMA 1000 Series < 12.4.3-02963 SSRF (SNWLID-2025-0010)

The remote host is a SonicWall SMA 1000 Series device that may be affected by a server-side request forgery SSRF vulnerability. An SSRF vulnerability has been identified in the SMA1000 Appliance Work Place interface. By using an encoded URL, a remote unauthenticated attacker could potentially cau...