CVE-2026-24810 A buffer overflow in rethinkdb/rethinkdb

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in rethinkdb src/cjson modules. This vulnerability is associated with program files cJSON.Cc. This issue affects rethinkdb: through v2.4.4...

Synchrony deobfuscator prototype pollution vulnerability leading to arbitrary code execution

Impact A proto pollution vulnerability exists in synchrony versions before v2.4.4. Successful exploitation could lead to arbitrary code execution. Summary A proto pollution vulnerability exists in the LiteralMap transformer allowing crafted input to modify properties in the Object prototype. When...

Security Bulletin: IBM Cloud Pak for Network Automation v2.4.4 fixes multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation v2.4.4 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2022-4883 DESCRIPTION: libXpm could allow a remote attacker to execute arbitrary code on the system, caused by compression commands depend on $PAT...

Cross-site Scripting in Graylog

Graylog before v2.4.4 has an XSS security issue with unescaped text in dashboard names, related to components/dashboard/Dashboard.jsx, components/dashboard/EditDashboardModal.jsx, and pages/ShowDashboardPage.jsx...

CVE-2022-1092 myCred < 2.4.4 - Subscriber+ Import/Export to Email Address Disclosure

The myCred WordPress plugin before 2.4.3.1 does not have authorisation and CSRF checks in its mycred-tools-import-export AJAX action, allowing any authenticated user to call and and retrieve the list of email address present in the blog...

Cross site scripting

Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting XSS vulnerability in the component ./clients/client via the company name parameter...

CVE-2020-28961

Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting XSS vulnerability in the component ./clients/client via the company name parameter...

Perfex v2.4.4 CRM - (Print) Persistent Web Vulnerability

Document Title: =============== Perfex v2.4.4 CRM - Print Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2231 Release Date: ============= 2020-06-23 Vulnerability Laboratory ID VL-ID: ==================================== 22...

Cross site scripting

Graylog before v2.4.4 has an XSS security issue with unescaped text in notifications, related to toastr and util/UserNotification.js...

CVE-2018-11650

Graylog before v2.4.4 has an XSS security issue with unescaped text in notifications, related to toastr and util/UserNotification.js...

CVE-2018-11651

Graylog before v2.4.4 has an XSS security issue with unescaped text in dashboard names, related to components/dashboard/Dashboard.jsx, components/dashboard/EditDashboardModal.jsx, and pages/ShowDashboardPage.jsx...