49 matches found
2026-05 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 (KB5088863)
2026-05 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 for x64 KB5088863...
CVE-2026-3457
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22...
EUVD-2026-16575
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22...
CVE-2026-3457
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22...
CVE-2026-3457
CVE-2026-3457 refers to an stored XSS vulnerability in Thales Sentinel LDK Runtime on Windows, caused by improper neutralization of input during web page generation. The issue affects Sentinel LDK Runtime prior to 10.22 and can lead to stored cross-site scripting with impact on confidentiality (l...
CVE-2026-3457 Stored XSS vulnerability in Sentinel ACC
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22...
CVE-2026-3457 Stored XSS vulnerability in Sentinel ACC
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22...
Thales Sentinel LDK Runtime 安全漏洞
Thales Sentinel LDK Runtime is a component environment provided by Thales Corporation that offers software licensing and encryption protection for runtime operations. Versions of Thales Sentinel LDK Runtime prior to version 10.22 contained security vulnerabilities. These vulnerabilities were due ...
PT-2026-28634
Name of the Vulnerable Software and Affected Versions Thales Sentinel LDK Runtime versions prior to 10.22 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting XSS. This means that malicious scripts can...
CVE-2026-21660
Hardcoded Email Credentials Saved as Plaintext in Firmware CWE-256: Plaintext Storage of a Password vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, exposure of sensitive information, and potential misuse or system compromise This issue affects Frick...
CVE-2026-21656
Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...
CVE-2026-21654
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows OS Command Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security o...
CVE-2026-21659
Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion LFI vulnerability in Johnson Controls Frick Controls Quantum HD allow an unauthenticated attacker to execute arbitrary code on the affected device, leading to full system compromise. This issue affects...
EUVD-2026-9019
Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion LFI vulnerability in Johnson Controls Frick Controls Quantum HD allow an unauthenticated attacker to execute arbitrary code on the affected device, leading to full system compromise. This issue affects...
CVE-2026-21660
Hardcoded Email Credentials Saved as Plaintext in Firmware CWE-256: Plaintext Storage of a Password vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, exposure of sensitive information, and potential misuse or system compromise This issue affects Frick...
CVE-2026-21660
Hardcoded Email Credentials Saved as Plaintext in Firmware CWE-256: Plaintext Storage of a Password vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, exposure of sensitive information, and potential misuse or system compromise This issue affects Frick...
CVE-2026-21659
Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion LFI vulnerability in Johnson Controls Frick Controls Quantum HD allow an unauthenticated attacker to execute arbitrary code on the affected device, leading to full system compromise. This issue affects...
EUVD-2026-9011
Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...
CVE-2026-21654
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows OS Command Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security o...
CVE-2026-21656
Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...