A medium severity vulnerability has been identified within Privileged Identity which can allow an attacker to perform reflected cross-site scripting attacks.
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site us
An high privileged remote attacker can inject arbitrary content into the custom CSS field on the affected devices due to improper neutralization of input during web page generation ('Cross-site Script
A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions <=25.7. Under certain conditions, a local authenticated user with elevated privileges may b
COMMAX Biometric Access Control System 1.0.0 contains an unauthenticated reflected cross-site scripting vulnerability in cookie parameters 'CMX_ADMIN_NM' and 'CMX_COMPLEX_NM'. Attackers can inject mal
Cross Site Scripting vulnerability in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to execute arbitrary code
Cross Site Scripting vulnerability in Audiocodes MP-202b v.4.4.3 allows a remote attacker to escalate privileges via the login page of the web interface.
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative write privileges to conduc
A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands.
A reflected cross-site scripting vulnerability exists in Nexus Repository 3 that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser through a specially crafted requ
Cross-site scripting vulnerability exists in Simple Image Sizes 3.2.3 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging
Privilege escalation vulnerability identified in OpenText ArcSight Intelligence.
A reflected cross-site scripting (XSS) vulnerability exists in the account registration flow of WSO2 Identity Server due to improper output encoding. A malicious actor can exploit this vulnerability b
A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown processing of the component System Information Settings Page. This manipulation of the argument System Name
An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B&R APROL <4.4-00P5 may allow an authenticated local attacker to authenticate as another legitimate user.
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A flaw in broken access control has been identified in the /api/v1/setting
A Stored Cross-Site Scripting vulnerability was discovered in the Assets and Nodes functionality due to improper validation of an input parameter. An authenticated user with custom fields privileges c
An authenticated attacker can use this vulnerability to perform a privilege escalation to gain root access.
A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands.
ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could result in arbitrary code being executed within the b
Page 1+ Next →