526 matches found
CVE-2026-57347
Subscriber Sensitive Data Exposure in Hotel Booking Lite = 6.0.3 versions...
CVE-2026-14403
creationtimestamp| type| source ---|---|--- 2026-07-02 00:18:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpmqzc7uwk2k 2026-07-02 08:25:21+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-02 16:51:23+00:00| seen|...
EUVD-2026-39698
Unauthenticated Multiple Vulnerabilities in BitFire Security = 5.0.3 versions...
WordPress BitFire Security plugin <= 5.0.3 - Multiple Vulnerabilities vulnerability
Multiple Vulnerabilities vulnerability discovered by Aurélien BOURDOIS Elymaro in WordPress Plugin BitFire Security versions = 5.0.3...
CVE-2025-33128
IBM Engineering Workflow Management 7.0.3 through 7.0.3 Interim Fix 020, and 7.1 through 7.1 Interim Fix 007 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially...
EUVD-2025-210300
IBM Engineering Workflow Management 7.0.3 through 7.0.3 Interim Fix 020, and 7.1 through 7.1 Interim Fix 007 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially...
EUVD-2026-38040
Improper neutralization of input during web page generation XSS vulnerability in the GridTime 3000 password reset form allows XSS. This issue affects GridTime 3000: from 1.0r0.03 before 1.2r0.0...
PT-2026-50508
Name of the Vulnerable Software and Affected Versions RTI Connext Micro versions 4.0.0 through 4.2.0 Description An integer underflow wrap or wraparound in the Core Libraries can lead to buffer overreads. An integer underflow occurs when an arithmetic operation results in a value smaller than the...
EUVD-2026-36677
A vulnerability has been found in Intelliants Subrion CMS up to 4.0.3. Affected by this issue is some unknown functionality of the component Blocks Endpoint. Such manipulation of the argument CSS class name leads to cross site scripting. The attack may be launched remotely. The exploit has been...
Security Bulletin: IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities HTML / XSS Injection observed
Summary Vulnerabilities have been identified in HTML / XSS Injection, which is used in IBM Engineering Lifecycle Management -Engineering Workflow Management Vulnerability Details CVEID:CVE-2025-33128 DESCRIPTION: IBM Engineering Workflow Management is vulnerable to cross-site scripting. This...
CVE-2026-45779
OpenXDMoD is an open framework for collecting and analyzing HPC metrics. An SQL injection vulnerability exists in Open XDMoD versions prior to 10.0.3 that allows an unauthenticated remote attacker to execute arbitrary SQL statements. Exploitation requires no authentication or user interaction and...
EUVD-2026-34908
OpenXDMoD is an open framework for collecting and analyzing HPC metrics. An SQL injection vulnerability exists in Open XDMoD versions prior to 10.0.3 that allows an unauthenticated remote attacker to execute arbitrary SQL statements. Exploitation requires no authentication or user interaction and...
CVE-2026-45778
Open XDMoD
CVE-2026-45777
OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Starting in version 9.5.0 and prior to version 11.0.3, an attacker can remotely execute arbitrary system commands on the web server hosting Open XDMoD with the privileges of the web server process. This could allow an attack...
EUVD-2026-34904
OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Starting in version 9.5.0 and prior to version 11.0.3, an attacker can remotely execute arbitrary system commands on the web server hosting Open XDMoD with the privileges of the web server process. This could allow an attack...
CVE-2026-45777
Open XDMoD (OpenXDMoD): A remote command-injection vulnerability allows an attacker to execute arbitrary system commands on the web server process, affecting versions 9.5.0–11.0.2. Root cause: OS command injection that can compromise confidentiality, integrity, and availability. Impact includes r...
PT-2026-47052
Name of the Vulnerable Software and Affected Versions OpenXDMoD versions prior to 10.0.3 Description An SQL injection allows an unauthenticated remote attacker to execute arbitrary SQL statements. This can result in the complete compromise of the underlying database. The issue requires no...
Fedora 44 : perl-Crypt-Argon2 / perl-Dist-Build / perl-ExtUtils-Builder / etc (2026-dafdad8fd3)
The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-dafdad8fd3 advisory. Update to 0.031 2477035 2481131 fixes CVE-2026-8463 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...
CVE-2024-47263
An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users with administrator privileges to write specific files containing non-sensitive informati...
UBUNTU-CVE-2026-50052
In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...