Filtered by vendor Linuxserver Subscriptions
Filtered by product Heimdall Application Dashboard Subscriptions

Search

Switch to Advanced Search (Beta)
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-51358 1 Linuxserver 1 Heimdall Application Dashboard 2026-04-15 9.8 Critical
An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via a crafted script to the Add new application.
CVE-2023-51803 1 Linuxserver 1 Heimdall Application Dashboard 2026-04-15 9.8 Critical
LinuxServer.io Heimdall before 2.5.7 does not prevent use of icons that have non-image data such as the "<?php ?>" substring.
CVE-2025-54597 1 Linuxserver 2 Heimdall, Heimdall Application Dashboard 2025-08-07 7.2 High
LinuxServer.io Heimdall before 2.7.3 allows XSS via the q parameter.
CVE-2022-47968 1 Linuxserver 1 Heimdall Application Dashboard 2025-04-11 5.4 Medium
Heimdall Application Dashboard through 2.5.4 allows reflected and stored XSS via "Application name" to the "Add application" page. The stored XSS will be triggered in the "Application list" page.