288 matches found
CVE-2025-57540
A stored cross-site scripting XSS vulnerability exists in the WebAuthn Relying Party field within the Datacenter configuration of Proxmox Virtual Environment PVE 8.4. Authenticated users can inject JavaScript code that is later executed in the browsers of users who view the configuration page,...
CVE-2025-57538
A stored cross-site scripting XSS vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment PVE 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view...
CVE-2025-57538
A stored cross-site scripting XSS vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment PVE 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view...
CVE-2025-57539
Vulnerability summary (CVE-2025-57539) : Proxmox Virtual Environment 8.4 is affected by a stored XSS in the U2F Origin field of the Datacenter configuration. Authenticated users can store input that is rendered unsafely in the Web UI and executed when viewed by others, potentially enabling sessio...
Proxmox Virtual Environment 安全漏洞
Proxmox Virtual Environment Proxmox VE is an open source server virtualization environment Linux distribution from Proxmox. A security vulnerability exists in Proxmox Virtual Environment version 8.4, which stems from a U2F Origin field stored cross-site scripting vulnerability that could lead to...
CVE-2025-57540
A stored cross-site scripting XSS vulnerability exists in the WebAuthn Relying Party field within the Datacenter configuration of Proxmox Virtual Environment PVE 8.4. Authenticated users can inject JavaScript code that is later executed in the browsers of users who view the configuration page,...
PT-2025-36792
Name of the Vulnerable Software and Affected Versions: Proxmox Virtual Environment version 8.4 Description: A stored cross-site scripting XSS vulnerability exists in the HTTP Proxy field within the Datacenter configuration panel. This allows an authenticated user to inject malicious input that is...
CVE-2025-57540
CVE-2025-57540 describes a stored cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment (PVE) 8.4, specifically in the WebAuthn Relying Party field of the Datacenter configuration. The issue allows authenticated users to inject JavaScript that runs in the browsers of others who ...
Proxmox Virtual Environment 安全漏洞
Proxmox Virtual Environment Proxmox VE is an open source server virtualization environment Linux distribution from Proxmox. A security vulnerability exists in Proxmox Virtual Environment version 8.4, which stems from a stored cross-site scripting vulnerability in the WebAuthn Relying Party field...
CVE-2025-57540
A stored cross-site scripting XSS vulnerability exists in the WebAuthn Relying Party field within the Datacenter configuration of Proxmox Virtual Environment PVE 8.4. Authenticated users can inject JavaScript code that is later executed in the browsers of users who view the configuration page,...
CVE-2025-57538
A stored cross-site scripting XSS vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment PVE 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view...
CVE-2025-57539
A stored cross-site scripting XSS vulnerability in the U2F Origin field of the Datacenter configuration in Proxmox Virtual Environment PVE 8.4 allows authenticated users to store malicious input. The payload is rendered unsafely in the Web UI and executed when viewed by other users, potentially...
CVE-2025-57539
A stored cross-site scripting XSS vulnerability in the U2F Origin field of the Datacenter configuration in Proxmox Virtual Environment PVE 8.4 allows authenticated users to store malicious input. The payload is rendered unsafely in the Web UI and executed when viewed by other users, potentially...
Proxmox Virtual Environment 安全漏洞
Proxmox Virtual Environment Proxmox VE is an open source server virtualization environment Linux distribution from Proxmox. A security vulnerability exists in Proxmox Virtual Environment version 8.4, which stems from an HTTP Proxy field stored cross-site scripting vulnerability that could lead to...
CVE-2025-57538
A stored cross-site scripting XSS vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment PVE 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view...
BIT-LIBPYTHON-2024-9287 Virtual environment (venv) activation scripts don't quote paths
A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts ie "source venv/bin/activate". This means that...
NewStart CGSL MAIN 7.02 : python3.11 Multiple Vulnerabilities (NS-SA-2025-0109)
The remote NewStart CGSL host, running version MAIN 7.02, has python3.11 packages installed that are affected by multiple vulnerabilities: - A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly,...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
SUSE-SU-2025:02491-1 Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2024-38822: Fixed Minion token validation bsc1244561 - CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 - CVE-2024-38824: Fixed directory...