NVD

There is stored cross site scripting (XSS) in Galileo CMS v0.042. Remote authenticated users could inject arbitrary web script or HTML via …

Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege escalation vulnerability in the ScadaAgentSvc.exe executable file. An …

A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when …

A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < …

Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions …

The resolveRepositoryPath function doesn’t properly validate user input and a malicious user may traverse to any valid Git repository …

CMS Made Simple 2.2.14 allows Authenticated Arbitrary File Upload because the File Manager does not block .ptar files, a related issue to …

In Textpattern 4.5.7, an unprivileged author can change an article’s markup …

All versions of phpjs are vulnerable to Prototype Pollution via …

In Textpattern 4.5.7, the password-reset feature does not securely tether a hash to a user …

madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution via …

In Nim 1.2.4, the standard library browsers mishandles the URL argument to browsers.openDefaultBrowser. This argument can be a local file …