129 matches found
TileServer API - Cross Site Scripting
tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting XSS vulnerability via the component /data/v3/?key. id: CVE-2024-35627 info: name: TileServer API - Cross Site Scripting author: DhiyaneshDK severity: medium description: | tileserver-gl up to v4.4.10 was discovered to...
MapTiler Tileserver-php v2.0 - Unauthenticated File Read
MapTiler Tileserver-php v2.0 contains a directory traversal caused by improper sanitization of GET parameters in renderTile function, letting attackers read arbitrary files on the server, exploit requires crafted web requests id: CVE-2025-44137 info: name: MapTiler Tileserver-php v2.0 -...
MapTiler Tileserver-php v2.0 - Unauthenticated XSS
MapTiler Tileserver-php v2.0 contains a reflected XSS caused by unencoded reflection of the GET parameter "layer" in an error message, letting unauthenticated attackers execute arbitrary script on victim browsers. id: CVE-2025-44136 info: name: MapTiler Tileserver-php v2.0 - Unauthenticated XSS...
TileServer GL <=3.0.0 - Cross-Site Scripting
TileServer GL through 3.0.0 is vulnerable to reflected cross-site scripting via server.js because the content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page. id: CVE-2020-15500 info: name: TileServer GL =3.0.0 - Cross-Site Scripting author:...
GHSA-Q8MJ-M7CP-5Q26 vulnerabilities
Vulnerabilities for packages: json-server, kubeflow-centraldashboard, code-server, opensearch-dashboards, renovate, kubeflow-pipelines, argo-workflows, langfuse, thingsboard, sqlpad, saf, py3-jupyterlab, prism, tileserver-gl...
CVE-2026-8723 vulnerabilities
Vulnerabilities for packages: json-server, kubeflow-centraldashboard, code-server, opensearch-dashboards, renovate, kubeflow-pipelines, argo-workflows, langfuse, thingsboard, sqlpad, saf, py3-jupyterlab, prism, tileserver-gl...
GHSA-Q8MJ-M7CP-5Q26 vulnerabilities
Vulnerabilities for packages: tileserver-gl-fips, langfuse, wazuh-dashboard-fips, prism, saf, langfuse-fips, redisinsight, kubeflow-pipelines, pelias-api, opensearch-dashboards, arangodb, wazuh-dashboard, code-server, sqlpad, thingsboard-fips, tileserver-gl, unleash, py3-captum, argo-workflows,...
CVE-2026-8723 vulnerabilities
Vulnerabilities for packages: tileserver-gl-fips, langfuse, wazuh-dashboard-fips, prism, saf, langfuse-fips, redisinsight, kubeflow-pipelines, pelias-api, opensearch-dashboards, arangodb, wazuh-dashboard, code-server, sqlpad, thingsboard-fips, tileserver-gl, unleash, py3-captum, argo-workflows,...
CVE-2026-5758 vulnerabilities
Vulnerabilities for packages: tileserver-gl-fips, opensearch-dashboards-fips, wazuh-dashboard-fips, opensearch-dashboards, wazuh-dashboard, tileserver-gl...
GHSA-J452-XHG8-QG39 vulnerabilities
Vulnerabilities for packages: tileserver-gl-fips, opensearch-dashboards-fips, wazuh-dashboard-fips, opensearch-dashboards, wazuh-dashboard, tileserver-gl...
CVE-2026-5758 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, tileserver-gl...
GHSA-J452-XHG8-QG39 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, tileserver-gl...
GHSA-QJ8W-GFJ5-8C6V vulnerabilities
Vulnerabilities for packages: sqlpad, argo-workflows, tileserver-gl...
CVE-2026-34043 vulnerabilities
Vulnerabilities for packages: sqlpad, argo-workflows, tileserver-gl...
CVE-2026-34043 vulnerabilities
Vulnerabilities for packages: tileserver-gl-fips, gitlab-rails-ce, librechat, drupal, argo-workflows, opensearch-dashboards, wazuh-dashboard-fips, tileserver-gl, wazuh-dashboard, gitlab-rails-ce-fips, sqlpad, opensearch-dashboards-fips...
GHSA-QJ8W-GFJ5-8C6V vulnerabilities
Vulnerabilities for packages: tileserver-gl-fips, gitlab-rails-ce, librechat, drupal, argo-workflows, opensearch-dashboards, wazuh-dashboard-fips, tileserver-gl, wazuh-dashboard, gitlab-rails-ce-fips, sqlpad, opensearch-dashboards-fips...
GHSA-XJPJ-3MR7-GCPF vulnerabilities
Vulnerabilities for packages: tileserver-gl-fips, lerna, gitlab-rails-ce, ts-patch, rancher-api-ui, pelias-api, wazuh-dashboard-fips, opensearch-dashboards, prism, wazuh-dashboard, kibana, gitlab-rails-ce-fips, py3-jupyterlab, nextcloud-server, opensearch-dashboards-fips...
GHSA-XHPV-HC6G-R9C6 vulnerabilities
Vulnerabilities for packages: tileserver-gl-fips, lerna, gitlab-rails-ce, ts-patch, rancher-api-ui, pelias-api, wazuh-dashboard-fips, opensearch-dashboards, prism, wazuh-dashboard, kibana, gitlab-rails-ce-fips, py3-jupyterlab, nextcloud-server, opensearch-dashboards-fips...
GHSA-7RX3-28CR-V5WH vulnerabilities
Vulnerabilities for packages: tileserver-gl-fips, lerna, gitlab-rails-ce, ts-patch, rancher-api-ui, pelias-api, wazuh-dashboard-fips, opensearch-dashboards, prism, wazuh-dashboard, kibana, gitlab-rails-ce-fips, py3-jupyterlab, nextcloud-server, opensearch-dashboards-fips...
GHSA-442J-39WM-28R2 vulnerabilities
Vulnerabilities for packages: tileserver-gl-fips, lerna, gitlab-rails-ce, ts-patch, rancher-api-ui, pelias-api, wazuh-dashboard-fips, opensearch-dashboards, prism, wazuh-dashboard, kibana, gitlab-rails-ce-fips, py3-jupyterlab, nextcloud-server, opensearch-dashboards-fips...