TileServer API - Cross Site Scripting

tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting XSS vulnerability via the component /data/v3/?key. id: CVE-2024-35627 info: name: TileServer API - Cross Site Scripting author: DhiyaneshDK severity: medium description: | tileserver-gl up to v4.4.10 was discovered to...

TileServer GL <=3.0.0 - Cross-Site Scripting

TileServer GL through 3.0.0 is vulnerable to reflected cross-site scripting via server.js because the content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page. id: CVE-2020-15500 info: name: TileServer GL =3.0.0 - Cross-Site Scripting author:...

MapTiler Tileserver-php v2.0 - Unauthenticated File Read

MapTiler Tileserver-php v2.0 contains a directory traversal caused by improper sanitization of GET parameters in renderTile function, letting attackers read arbitrary files on the server, exploit requires crafted web requests id: CVE-2025-44137 info: name: MapTiler Tileserver-php v2.0 -...

MapTiler Tileserver-php v2.0 - Unauthenticated XSS

MapTiler Tileserver-php v2.0 contains a reflected XSS caused by unencoded reflection of the GET parameter "layer" in an error message, letting unauthenticated attackers execute arbitrary script on victim browsers. id: CVE-2025-44136 info: name: MapTiler Tileserver-php v2.0 - Unauthenticated XSS...

GHSA-Q8MJ-M7CP-5Q26 vulnerabilities

Vulnerabilities for packages: argo-workflows, langfuse, json-server, opensearch-dashboards, kubeflow-pipelines, code-server, kubeflow-centraldashboard, sqlpad, prism, thingsboard, tileserver-gl, saf, renovate...

CVE-2026-8723 vulnerabilities

Vulnerabilities for packages: argo-workflows, langfuse, json-server, opensearch-dashboards, kubeflow-pipelines, code-server, kubeflow-centraldashboard, sqlpad, prism, thingsboard, tileserver-gl, saf, renovate...

GHSA-Q8MJ-M7CP-5Q26 vulnerabilities

Vulnerabilities for packages: langfuse, redisinsight, arangodb, code-server, wazuh-dashboard-fips, saf, prism, tileserver-gl-fips, sqlpad, opensearch-dashboards-fips, unleash, thingsboard, langfuse-fips, thingsboard-fips, opensearch-dashboards, kubeflow-pipelines, renovate, argo-workflows,...

CVE-2026-8723 vulnerabilities

Vulnerabilities for packages: langfuse, redisinsight, arangodb, code-server, wazuh-dashboard-fips, saf, prism, tileserver-gl-fips, sqlpad, opensearch-dashboards-fips, unleash, thingsboard, langfuse-fips, thingsboard-fips, opensearch-dashboards, kubeflow-pipelines, renovate, argo-workflows,...

GHSA-J452-XHG8-QG39 vulnerabilities

Vulnerabilities for packages: wazuh-dashboard, opensearch-dashboards, wazuh-dashboard-fips, tileserver-gl, tileserver-gl-fips, opensearch-dashboards-fips...

CVE-2026-5758 vulnerabilities

Vulnerabilities for packages: wazuh-dashboard, opensearch-dashboards, wazuh-dashboard-fips, tileserver-gl, tileserver-gl-fips, opensearch-dashboards-fips...

CVE-2026-5758 vulnerabilities

Vulnerabilities for packages: tileserver-gl, opensearch-dashboards...

GHSA-J452-XHG8-QG39 vulnerabilities

Vulnerabilities for packages: tileserver-gl, opensearch-dashboards...

CVE-2026-34043 vulnerabilities

Vulnerabilities for packages: tileserver-gl, argo-workflows...

GHSA-QJ8W-GFJ5-8C6V vulnerabilities

Vulnerabilities for packages: tileserver-gl, argo-workflows...

CVE-2026-34043 vulnerabilities

Vulnerabilities for packages: librechat, wazuh-dashboard, opensearch-dashboards, wazuh-dashboard-fips, argo-workflows, tileserver-gl, tileserver-gl-fips, opensearch-dashboards-fips...

GHSA-QJ8W-GFJ5-8C6V vulnerabilities

Vulnerabilities for packages: librechat, wazuh-dashboard, opensearch-dashboards, wazuh-dashboard-fips, argo-workflows, tileserver-gl, tileserver-gl-fips, opensearch-dashboards-fips...

CVE-2026-33938 vulnerabilities

Vulnerabilities for packages: rancher-api-ui, wazuh-dashboard, opensearch-dashboards, pelias-api, lerna, prism, ts-patch, tileserver-gl-fips, opensearch-dashboards-fips, kibana...

GHSA-3MFM-83XF-C92R vulnerabilities

Vulnerabilities for packages: rancher-api-ui, wazuh-dashboard, opensearch-dashboards, pelias-api, lerna, prism, ts-patch, tileserver-gl-fips, opensearch-dashboards-fips, kibana...

CVE-2026-33941 vulnerabilities

Vulnerabilities for packages: rancher-api-ui, wazuh-dashboard, opensearch-dashboards, pelias-api, lerna, prism, ts-patch, tileserver-gl-fips, opensearch-dashboards-fips, kibana...

GHSA-9CX6-37PM-9JFF vulnerabilities

Vulnerabilities for packages: rancher-api-ui, wazuh-dashboard, opensearch-dashboards, pelias-api, lerna, prism, ts-patch, tileserver-gl-fips, opensearch-dashboards-fips, kibana...