20048 matches found
DEBIAN-CVE-2026-23643
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...
CVE-2026-23643
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...
UBUNTU-CVE-2026-23643
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...
GHSA-QH8M-9QXX-53M5 CakePHP PaginatorHelper::limitControl() vulnerable to reflected cross-site-scripting
Impact The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. Patches This issue has been fixed in 5.2.12 and 5.3.1 Workarounds If you are unable to upgrade, you should avoid using Paginator::limitControl until you can upgrade...
CVE-2026-23643
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...
CVE-2026-23643
The CVE-2026-23643 entry concerns CakePHP and a cross-site-scripting vulnerability in PaginatorHelper::limitControl() triggered by query string manipulation. Affected versions are fixed in 5.2.12 and 5.3.1; upgrade to at least those releases to mitigate. The vulnerability description is corrobora...
CVE-2026-23643 CakePHP PaginatorHelper::limitControl() vulnerable to reflected cross-site-scripting
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...
CVE-2026-23643 CakePHP PaginatorHelper::limitControl() vulnerable to reflected cross-site-scripting
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...
CVE-2026-23643 CakePHP PaginatorHelper::limitControl() vulnerable to reflected cross-site-scripting
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...
CVE-2026-23643
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...
Active Job - Object injection security vulnerability
Active Job vulnerability: An Active Job bug allowed String arguments to be deserialized as if they were Global IDs, an object injection security vulnerability...
GHSA-MPWP-4H2M-765C Active Job - Object injection security vulnerability
Active Job vulnerability: An Active Job bug allowed String arguments to be deserialized as if they were Global IDs, an object injection security vulnerability...
CVE-2021-47818 DupTerminator 1.4.5639.37199 - Denial of Service
DupTerminator 1.4.5639.37199 contains a denial of service vulnerability that allows attackers to crash the application by inputting a long character string in the Excluded text box. Attackers can generate a payload of 8000 repeated characters to trigger the application to stop working on Windows ...
CVE-2021-47818 DupTerminator 1.4.5639.37199 - Denial of Service
DupTerminator 1.4.5639.37199 contains a denial of service vulnerability that allows attackers to crash the application by inputting a long character string in the Excluded text box. Attackers can generate a payload of 8000 repeated characters to trigger the application to stop working on Windows ...
OESA-2026-1071 grub2 security update
GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-53406)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-52429)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
MiracleLinux 7 : ocaml-4.01.0-22.7.el7 (AXSA:2016-530:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-530:01 advisory. Security issues fixed with this release: CVE-2015-8869 OCamel before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct...
MiracleLinux 7 : file-5.11-31.el7 (AXSA:2015-693:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-693:01 advisory. The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-48730)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...