11290 matches found
ROOT-OS-DEBIAN-11-CVE-2022-21546 CVE-2022-21546 in rootio-linux - Patched by Root
Root has patched CVE-2022-21546 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
CVE-2026-46357
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, the HAX CMS NodeJS application crashes when an authenticated attacker sends a specially crafted site creation request to the createSite endpoint. A single request is sufficient to take the entire...
CVE-2026-46400
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 11.0.6 and prior to version 25.0.0, the file upload functionality in HAXCMS PHP only validates file extensions using a regex pattern without checking the actual file content or MIME type. This allows attacker...
CVE-2026-46496
HAX CMS helps manage microsite universe with PHP or NodeJs backends. A stored cross-site scripting XSS vulnerability exists in versions prior to 26.0.0 due to improper sanitization of the component. The component allows javascript: URIs in the source attribute, which are executed when the page is...
CVE-2026-46396
HAX CMS helps manage microsite universe with PHP or NodeJs backends. A stored cross-site scripting XSS vulnerability exists in versions prior to 26.0.0 due to improper sanitization of elements. The application allows javascript: URIs in the src attribute, which are executed when a malicious page ...
erlang27-27.1.3-2.1 on GA media (moderate)
erlang27-27.1.3-2.1 on GA media Announcement ID: openSUSE-SU-2026:10947-1 Rating: moderate Cross-References: CVE-2025-4748 CVE-2025-48038 CVE-2025-48039 CVE-2026-21620 CVE-2026-23941 CVE-2026-23942 CVE-2026-23943 CVE-2026-28808 CVE-2026-28810 CVE-2026-32144 CVE-2026-32147 CVE-2026-42789...
CVE-2026-46399
HAX CMS helps manage microsite universe with PHP or NodeJs backends. The PHP version of HAX CMS prior to version 26.0.0 has an authenticated file overwrite vulnerability. An attacker can exploit this vulnerability to configure malicious Git filter commands and achieve code execution on the HAX CM...
offensive-claude-490
Offensive Security Research Config for Claude Code !TIP...
cyber-pentools
🔥 Cyber Pentools — All-in-One Penetration Testing Toolkit 2...
CVE-2026-8901
creationtimestamp| type| source ---|---|--- 2026-06-06 05:05:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnluwuthku24 2026-06-07 00:01:09+00:00| seen| https://bsky.app/profile/pulse-wp.com/post/3mnnufp6fqk2h...
ROOT-OS-DEBIAN-13-CVE-2022-1247 CVE-2022-1247 in rootio-linux - Patched by Root
Root has patched CVE-2022-1247 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23069 CVE-2026-23069 in rootio-linux - Patched by Root
Root has patched CVE-2026-23069 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2025-21955 CVE-2025-21955 in rootio-linux - Patched by Root
Root has patched CVE-2025-21955 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2025-38530 CVE-2025-38530 in rootio-linux - Patched by Root
Root has patched CVE-2025-38530 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2025-23146 CVE-2025-23146 in rootio-linux - Patched by Root
Root has patched CVE-2025-23146 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...
ASUS DSL-AC88U - Authentication Bypass
A vulnerability in the ASUS DSL-AC88U router permits unauthorized individuals to bypass authentication.When adding "/js/..%2f%2f" or "/images/..%2f%2e" to the requested URL, it will be recognized as passing the authentication.This vulnerability is part of a broader authentication bypass issue...
CVE-2026-46398
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 25.0.0 and prior to version 26.0.0, the haxcmsrefreshtoken cookie is set without the Secure flag. This allows it to be transmitted over unencrypted HTTP, making it vulnerable to theft via packet sniffing on t...
CVE-2025-46311
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2. An app may be able to access sensitive user data...
CVE-2026-49318
Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. The Infotainment uses presence of Wireless Control Module WCM traffic during its boot window as a...
CVE-2026-33877
ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a timing side-channel vulnerability in the password reset endpoint /api/v1/@apostrophecms/login/reset-request that allows unauthenticated username and email enumeration. When a user is not found,...