CVE-2026-0521

A reflected cross-site scripting XSS vulnerability in the PDF export functionality of the TYDAC AG MAP+ solution allows unauthenticated attackers to craft a malicious URL, that if visited by a victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered through...

BIT-GITLAB-2023-5117 Exposure of Sensitive Information Due to Incompatible Policies in GitLab

An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL...

PT-2024-10105 · Glpi +1 · Glpi +1

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.17 Description: The issue is related to a lack of protection of the web page structure in the GLPI system, which can be exploited by a remote attacker to conduct a cross-site scripting XSS attack. Specifically, an...

boot2docker Code Execution Vulnerability

boot2docker is a distribution of lightweight Linux that runs exclusively on Docker containers. A security vulnerability in the Docker daemon in boot2docker 1.2 and earlier versions stems from the program failing to properly open unauthenticated TCP links by default. A remote attacker could exploi...