CVE-2026-38428

Kestra v1.3.3 and before is vulnerable to SQL Injection. The vulnerability occurs because user-controlled input from a GET parameter is directly concatenated into an SQL query without proper sanitization or parameterization. As a result, attackers can inject arbitrary SQL expressions into the...

CVE-2020-24924

A Persistent Cross-site Scripting vulnerability is found in ElkarBackup v1.3.3, where an attacker can steal the user session cookie using this vulnerability present on Policies action Name Parameter...

Fedora 42 : runc (2025-ef192f5d10)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-ef192f5d10 advisory. Update to release v1.3.3 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Linux Distros Unpatched Vulnerability : CVE-2018-1000559

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - qutebrowser version introduced in v0.11.0 1179ee7a937fb31414d77d9970bac21095358449 contains a Cross Site Scripting XSS vulnerability in history command,...

CVE-2023-2880

CVE-2023-2880 concerns Frauscher Sensortechnik GmbH FDS001 (FAdC/FAdCi) web interface. A path traversal vulnerability in the web UI, exploitable via a crafted URL without authentication, allows a remote attacker to read any file on the device filesystem. Impact is confirmed in multiple sources fo...

CVE-2020-24924

A Persistent Cross-site Scripting vulnerability is found in ElkarBackup v1.3.3, where an attacker can steal the user session cookie using this vulnerability present on Policies action Name Parameter...

CVE-2020-24924

ElkarBackup v1.3.3 contains a persistent cross-site scripting vulnerability that can allow an attacker to steal a user session cookie. The issue is located in the Policies → action → Name parameter. Multiple connected sources (Red Hat, CNVD, NVD, CVE lists) corroborate the vulnerability as a cros...

CVE-2018-19289

An issue was discovered in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file...

CVE-2018-19289

An issue was discovered in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file...

Design/Logic Flaw

An issue was discovered in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file...

CVE-2018-19289

An issue was discovered in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file...

Qutebrowser XSS Vulnerability

qutebrowser version introduced in v0.11.0 1179ee7a937fb31414d77d9970bac21095358449 contains a Cross Site Scripting XSS vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. This attack appear to be...

Cross site scripting

qutebrowser version introduced in v0.11.0 1179ee7a937fb31414d77d9970bac21095358449 contains a Cross Site Scripting XSS vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. This attack appear to be...

PYSEC-2018-26

qutebrowser version introduced in v0.11.0 1179ee7a937fb31414d77d9970bac21095358449 contains a Cross Site Scripting XSS vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. This attack appear to be...

TIOD v1.3.3 for iPhone / iPod touch Directory Traversal

Exploit for hardware platform in category remote exploits Exploit Title: TIOD v1.3.3 for iPhone / iPod touch, Directory Traversal Date: 03/03/2011 Author: email protected, email protected E-Mail : R3dal3rt.team at gmail dot com Twitter : http://twitter.com/R3dAl3rtTeam Software Link:...