Security Vulnerabilities
In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries.
CVSS Score
4.9
EPSS Score
0.0
Published
2026-01-07
Stored cross-site scripting (XSS, CWE-79) in the survey content and administration functionality in Data Illusion Zumbrunn NGSurvey Enterprise Edition 3.6.4 on all supported platforms (
on Windows and Linux servers ) allows authenticated remote users with survey creation or edit privileges to execute arbitrary JavaScript in other users’ browsers, steal session information and perform unauthorized actions on their behalf via crafted survey content that is rendered without proper output encoding.
CVSS Score
5.4
EPSS Score
0.002
Published
2026-01-07
Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.0
Published
2026-01-07
A vulnerability was detected in projectworlds House Rental and Property Listing 1.0. This issue affects some unknown processing of the file /app/complaint.php. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be used.
CVSS Score
2.4
EPSS Score
0.0
Published
2026-01-07
A flaw has been found in projectworlds House Rental and Property Listing 1.0. Impacted is an unknown function of the file /app/register.php?action=reg of the component Signup. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2026-01-07
Memory corruption while passing pages to DSP with an unaligned starting address.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-07
Memory corruption when accessing resources in kernel driver.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-07
Memory corruption when copying overlapping buffers during memory operations due to incorrect offset calculations.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-07
Transient DOS while parsing a WLAN management frame with a Vendor Specific Information Element.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-01-07
Memory corruption occurs when a secure application is launched on a device with insufficient memory.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-07