CVE-2026-11994

Akaunting 3.1.21 contains an authenticated stored Cross-Site Scripting vulnerability in the report management workflow. A user with permission to create or update reports can store arbitrary HTML/JavaScript in the description field of a report...

CVE-2025-12773

A vulnerability in update-reports-purge-settings.sh script logging for Brocade SANnav before 2.4.0a could allow the collection of SANnav database password in the system audit logs. The vulnerability could allow a remote authenticated attacker with access to the audit logs to access the Brocade...

CVE-2025-12773

A vulnerability in update-reports-purge-settings.sh script logging for Brocade SANnav before 2.4.0a could allow the collection of SANnav database password in the system audit logs. The vulnerability could allow a remote authenticated attacker with access to the audit logs to access the Brocade...

CVE-2025-12773 Plain password is generated in the audit logs while executing update-reports-purge-settings.sh script with Brocade SANnav before 2.4.0a

A vulnerability in update-reports-purge-settings.sh script logging for Brocade SANnav before 2.4.0a could allow the collection of SANnav database password in the system audit logs. The vulnerability could allow a remote authenticated attacker with access to the audit logs to access the Brocade...

CVE-2025-60728

creationtimestamp| type| source ---|---|--- 2025-11-11 17:30:42+00:00| seen| https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review 2025-11-11 17:31:27+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2025-0359 2025-11-12 08:07:54+00:00| seen|...

Configuration Update Manager - Moderately critical - Cross Site Request Forgery (CSRF) - SA-CONTRIB-2017-091

The Configuration Update Reports sub-module in the Configuration Update module project enables you to run reports to see what configuration on your site differs from the configuration distributed by a module, theme, or installation profile, and to revert, delete, or import configuration. This...