Lucene search
K

49 matches found

Microsoft Security Update
Microsoft Security Update
added 2026/05/12 5:0 p.m.42 views

2026-05 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5088863)

2026-05 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 KB5088863...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/28 10:51 a.m.4 views

CVE-2026-3457

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22...

8.3CVSS5.9AI score0.00137EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/27 9:31 a.m.4 views

EUVD-2026-16575

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22...

8.3CVSS5.9AI score0.00137EPSS
Exploits0References2
NVD
NVD
added 2026/03/27 9:16 a.m.4 views

CVE-2026-3457

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22...

8.3CVSS0.00137EPSS
Exploits0References1
CVE
CVE
added 2026/03/27 9:5 a.m.15 views

CVE-2026-3457

CVE-2026-3457 refers to an stored XSS vulnerability in Thales Sentinel LDK Runtime on Windows, caused by improper neutralization of input during web page generation. The issue affects Sentinel LDK Runtime prior to 10.22 and can lead to stored cross-site scripting with impact on confidentiality (l...

8.3CVSS5.9AI score0.00137EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/27 9:5 a.m.4 views

CVE-2026-3457 Stored XSS vulnerability in Sentinel ACC

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22...

8.3CVSS5.9AI score0.00137EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/27 9:5 a.m.24 views

CVE-2026-3457 Stored XSS vulnerability in Sentinel ACC

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22...

8.3CVSS0.00137EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.10 views

Thales Sentinel LDK Runtime 安全漏洞

Thales Sentinel LDK Runtime is a component environment provided by Thales Corporation that offers software licensing and encryption protection for runtime operations. Versions of Thales Sentinel LDK Runtime prior to version 10.22 contained security vulnerabilities. These vulnerabilities were due ...

8.3CVSS5.7AI score0.00137EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.8 views

PT-2026-28634

Name of the Vulnerable Software and Affected Versions Thales Sentinel LDK Runtime versions prior to 10.22 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting XSS. This means that malicious scripts can...

8.3CVSS5.9AI score0.00137EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/28 2:0 p.m.6 views

CVE-2026-21660

Hardcoded Email Credentials Saved as Plaintext in Firmware CWE-256: Plaintext Storage of a Password vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, exposure of sensitive information, and potential misuse or system compromise This issue affects Frick...

9.8CVSS5.9AI score0.0023EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/28 2:0 p.m.4 views

CVE-2026-21656

Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...

9.8CVSS6AI score0.00392EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/28 2:0 p.m.5 views

CVE-2026-21654

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows OS Command Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security o...

9.8CVSS5.9AI score0.01506EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/28 2:0 p.m.6 views

CVE-2026-21659

Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion LFI vulnerability in Johnson Controls Frick Controls Quantum HD allow an unauthenticated attacker to execute arbitrary code on the affected device, leading to full system compromise. This issue affects...

9.8CVSS6.4AI score0.00909EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/27 12:31 p.m.5 views

EUVD-2026-9019

Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion LFI vulnerability in Johnson Controls Frick Controls Quantum HD allow an unauthenticated attacker to execute arbitrary code on the affected device, leading to full system compromise. This issue affects...

8.7CVSS6.3AI score0.00909EPSS
Exploits0References3
OSV
OSV
added 2026/02/27 10:16 a.m.5 views

CVE-2026-21660

Hardcoded Email Credentials Saved as Plaintext in Firmware CWE-256: Plaintext Storage of a Password vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, exposure of sensitive information, and potential misuse or system compromise This issue affects Frick...

9.8CVSS5.8AI score0.0023EPSS
Exploits0References2
NVD
NVD
added 2026/02/27 10:16 a.m.10 views

CVE-2026-21660

Hardcoded Email Credentials Saved as Plaintext in Firmware CWE-256: Plaintext Storage of a Password vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, exposure of sensitive information, and potential misuse or system compromise This issue affects Frick...

9.8CVSS0.0023EPSS
Exploits0References2
OSV
OSV
added 2026/02/27 10:16 a.m.4 views

CVE-2026-21659

Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion LFI vulnerability in Johnson Controls Frick Controls Quantum HD allow an unauthenticated attacker to execute arbitrary code on the affected device, leading to full system compromise. This issue affects...

9.8CVSS6.1AI score0.00909EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/27 9:30 a.m.4 views

EUVD-2026-9011

Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...

8.8CVSS6AI score0.00392EPSS
Exploits0References3
NVD
NVD
added 2026/02/27 9:16 a.m.10 views

CVE-2026-21654

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows OS Command Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security o...

9.8CVSS0.01506EPSS
Exploits0References2
NVD
NVD
added 2026/02/27 9:16 a.m.8 views

CVE-2026-21656

Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...

9.8CVSS0.00392EPSS
Exploits0References2
Rows per page
Query Builder