NA - CVE-2023-27148 - A stored cross-site scripting (XSS)...
A stored cross-site scripting (XSS) vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into...
NA - CVE-2023-37636 - A stored cross-site scripting (XSS)...
A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field...
NA - CVE-2023-46322 - iTermSessionLauncher.m in iTerm2 before...
iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be non-alphanumeric. The hostname's other characters may...
NA - CVE-2023-28796 -
Improper Verification of Cryptographic...
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6.
NA - CVE-2023-5718 - The Vue.js Devtools extension was found to leak...
The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via the standard `postMessage()` API. By creating a malicious web page with an iFrame targeting a...
NA - CVE-2023-33840 - IBM Security Verify Governance 10.0 is...
IBM Security Verify Governance 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...
NA - CVE-2021-26736 - Multiple vulnerabilities in the Zscaler Client...
Multiple vulnerabilities in the Zscaler Client Connector Installer and Uninstaller for Windows prior to 3.6 allowed execution of binaries from a low privileged path. A local adversary may be able...