NA - CVE-2025-24896 - Misskey is an open source, federated social...
Misskey is an open source, federated social media platform. Starting in version 12.109.0 and prior to version 2025.2.0-alpha.0, a login token named `token` is stored in a cookie for authentication...
NA - CVE-2025-24897 - Misskey is an open source, federated social...
Misskey is an open source, federated social media platform. Starting in version 12.109.0 and prior to version 2025.2.0-alpha.0, due to a lack of CSRF protection and the lack of proper security...
NA - CVE-2025-24900 - Concorde, formerly know as Nexkey, is a fork of...
Concorde, formerly know as Nexkey, is a fork of the federated microblogging platform Misskey. Due to a lack of CSRF countermeasures and improper settings of cookies for MediaProxy authentication,...
NA - CVE-2025-24973 - Concorde, formerly know as Nexkey, is a fork of...
Concorde, formerly know as Nexkey, is a fork of the federated microblogging platform Misskey. Prior to version 12.25Q1.1, due to an improper implementation of the logout process, authentication...
NA - CVE-2025-24976 - Distribution is a toolkit to pack, ship, store,...
Distribution is a toolkit to pack, ship, store, and deliver container content. Systems running registry versions 3.0.0-beta.1 through 3.0.0-rc.2 with token authentication enabled may be vulnerable...
NA - CVE-2023-40721 - A use of externally-controlled format string...
A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiOS version 7.4.0 through 7.4.1 and before 7.2.6, FortiProxy version 7.4.0 and before 7.2.7, FortiPAM version...
NA - CVE-2024-12755 - A Cross-Site Scripting (XSS) vulnerability in...
A Cross-Site Scripting (XSS) vulnerability in Avaya Spaces may have allowed unauthorized code execution and potential disclose of sensitive information.
NA - CVE-2024-12756 - An HTML Injection vulnerability in Avaya Spaces...
An HTML Injection vulnerability in Avaya Spaces may have allowed disclosure of sensitive information or modification of the page content seen by the user.
NA - CVE-2024-27780 - Multiple Improper Neutralization of Input...
Multiple Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilities [CWE-79] in FortiSIEM 7.1 all versions, 7.0 all versions, 6.7 all versions...
NA - CVE-2024-27781 - An improper neutralization of input during web...
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox at least versions 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0...