
17 matches found

RedhatCVE
added 2026/02/18 7:30 p.m. · 0 views

CVE-2026-23861

Dell Unisphere for PowerMax vApp, versions 9.2.4.x, contains an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML o...

5.4 CVSS · 5.9 AI score · 0.00045 EPSS
Exploits 0 · References 1
Vulnrichment
added 2026/02/17 7:41 p.m. · 1 views

CVE-2026-26357

Dell Unisphere for PowerMax, versions 9.2.4.x, contains an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or...

5.4 CVSS · 6 AI score · 0.00045 EPSS
Exploits 0 · References 1
Vulnrichment
added 2026/02/17 1:47 p.m. · 5 views

CVE-2026-23861

Dell Unisphere for PowerMax vApp, versions 9.2.4.x, contains an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML o...

5.4 CVSS · 5.9 AI score · 0.00045 EPSS
Exploits 0 · References 1
Positive Technologies
added 2026/02/17 12:0 a.m. · 1 views

PT-2026-20353

Name of the Vulnerable Software and Affected Versions: Dell Unisphere for PowerMax versions 9.2.4.x. Description: Dell Unisphere for PowerMax versions 9.2.4.x contain an Improper Neutralization of Input During Web Page Generation issue, also known as Cross-site Scripting. A low privileged attacker...

5.4 CVSS · 5.6 AI score · 0.00045 EPSS
Exploits 0 · References 4
CNNVD
added 2026/02/17 12:0 a.m. · 3 views

Dell Unisphere for PowerMax cross-site scripting vulnerability

Dell Unisphere for PowerMax is a graphical management platform developed by the American company Dell. The version 9.2.4.x of Dell Unisphere for PowerMax contains a cross-site scripting vulnerability, which arises from improper input handling and may lead to cross-site scripting attacks...

5.4 CVSS · 5.6 AI score · 0.00045 EPSS
Exploits 0 · References 1
CNNVD
added 2026/01/06 12:0 a.m. · 1 views

Dell Unisphere for PowerMax code issue vulnerability

Dell Unisphere for PowerMax is a graphical management platform from Dell USA. A code issue vulnerability exists in Dell Unisphere for PowerMax version 9.2.4.x. The vulnerability stems from improperly restricting references to XML external entities, which could lead to unauthorized access to data...

7.6 CVSS · 6.8 AI score · 0.00097 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/11/19 12:0 a.m. · 2 views

PT-2024-9365 · Splunk · Splunk Secure Gateway App +1

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.3.2; Splunk Enterprise versions prior to 9.2.4; Splunk Enterprise versions prior to 9.1.7; Splunk Secure Gateway app versions prior to 3.4.261; Splunk Secure Gateway app versions prior to 3.7.13. Description:...

9 CVSS · 7.8 AI score · 0.04099 EPSS
Exploits 0 · References 22
CVE
added 2024/07/26 9:11 a.m. · 89 views

CVE-2023-38522

Summary (CVE-2023-38522): Apache Traffic Server is affected by an incomplete validation of HTTP field names, allowing malformed requests to be forwarded to origin servers. This can enable request smuggling and potentially cache poisoning if the origin is vulnerable. Affected versions include 8.0...

7.5 CVSS · 6.5 AI score · 0.00488 EPSS
Exploits 0 · References 2 · Affected Software 1
OSV
added 2023/12/14 4:15 p.m. · 1 views

CVE-2023-48663

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system...

7.2 CVSS · 6 AI score
Exploits 0 · References 1
OSV
added 2023/12/14 4:15 p.m. · 1 views

CVE-2023-48660

Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker could potentially exploit this vulnerability to read arbitrary files from the target system...

7.5 CVSS · 5.9 AI score
Exploits 0 · References 1
Cvelist
added 2023/12/14 4:15 p.m. · 14 views

CVE-2023-48671

Dell vApp Manager, versions prior to 9.2.4.x contain an information disclosure vulnerability. A remote attacker could potentially exploit this vulnerability to obtain sensitive information that may aid in further attacks...

7.5 CVSS · 7.4 AI score · 0.00264 EPSS
Exploits 0 · References 1
OpenVAS
added 2022/11/14 12:0 a.m. · 38 views

Grafana < 8.5.15, 9 < 9.2.4 Multiple Vulnerabilities

Grafana is prone to multiple vulnerabilities. Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

8.1 CVSS · 6.6 AI score · 0.00415 EPSS
Exploits 0 · References 2
OSV
added 2022/11/09 10:15 p.m. · 0 views

UBUNTU-CVE-2022-39306

Grafana is an open-source platform for monitoring and observability. Versions prior to 9.2.4, or 8.5.15 on the 8.X branch, are subject to Improper Input Validation. Grafana admins can invite other members to the organization they are an admin for. When admins add members to the organization, non...

8.1 CVSS · 7.2 AI score · 0.00415 EPSS
Exploits 0 · References 3
OSV
added 2022/11/08 11:15 p.m. · 0 views

UBUNTU-CVE-2022-39328

Grafana is an open-source platform for monitoring and observability. Versions starting with 9.2.0 and less than 9.2.4 contain a race condition in the authentication middlewares logic which may allow an unauthenticated user to query an administration endpoint under heavy load. This issue is patche...

9.8 CVSS · 7.2 AI score · 0.04279 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2014/06/13 12:0 a.m. · 41 views

openSUSE Security Update : postgresql92 (openSUSE-SU-2013:0628-1)

postgresql was updated to version 9.2.4 bnc812525 : - CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with '-' could be crafted to damage or destroy files within the server's data directory, even if the request is...

8.5 CVSS · 8 AI score · 0.81124 EPSS
Exploits 4 · References 6
OPENSUSE Linux
added 2013/04/05 10:4 a.m. · 34 views

postgresql92: Various security fixes. Update to 9.2.4. (important)

postgresql was updated to version 9.2.4 bnc812525: CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with "-" could be crafted to damage or destroy files within the server's data directory, even if the request is...

8.5 CVSS · 1.2 AI score · 0.81124 EPSS
Exploits 4 · References 1
Exploit DB
added 2011/03/11 12:0 a.m. · 174 views

Oracle WebLogic - POST Session Fixation

Name: Oracle WebLogic – Session Fixation Via HTTP POST Request; Vendor Website: http://www.oracle.com/; Date Released: 11 March 2011 – CVE-2010-4437; Affected Software: Oracle WebLogic Server 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, 10.3.3; Researcher: Roberto Suggi Liverani; Description: Oracle WebLogic servlet...

5.8 CVSS · 7 AI score · 0.48894 EPSS
Exploits 3