Lucene search
K

31 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.21 views

EUVD-2021-1106

Malware in sbrugna...

7.5CVSS7.5AI score0.01987EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-9270

Malicious code in bioql PyPI...

6.5CVSS7.3AI score0.00331EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/03 4:45 p.m.6 views

CVE-2025-31747

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in milan.latinovic WP Chrono wp-chrono allows DOM-Based XSS.This issue affects WP Chrono: from n/a through = 1.5.4...

6.5CVSS7.2AI score0.00331EPSS
Exploits0References1
NVD
NVD
added 2025/04/01 3:16 p.m.4 views

CVE-2025-31747

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in milan.latinovic WP Chrono wp-chrono allows DOM-Based XSS.This issue affects WP Chrono: from n/a through = 1.5.4...

6.5CVSS0.00331EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/01 2:51 p.m.3 views

CVE-2025-31747 WordPress WP Chrono plugin <= 1.5.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in milan.latinovic WP Chrono wp-chrono allows DOM-Based XSS.This issue affects WP Chrono: from n/a through = 1.5.4...

6.5CVSS8.6AI score0.00331EPSS
Exploits0References1
CVE
CVE
added 2025/04/01 2:51 p.m.37 views

CVE-2025-31747

CVE-2025-31747 is a DOM-based XSS vulnerability in the WordPress plugin WP Chrono (listed as WP Chrono) affecting versions up to 1.5.4. According to connected documentation, the issue is described as an “Improper Neutralization of Input During Web Page Generation” leading to DOM-based Cross-Site ...

6.5CVSS7.2AI score0.00331EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/01 2:51 p.m.13 views

CVE-2025-31747 WordPress WP Chrono plugin <= 1.5.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in milan.latinovic WP Chrono wp-chrono allows DOM-Based XSS.This issue affects WP Chrono: from n/a through = 1.5.4...

6.5CVSS0.00331EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.3 views

PT-2025-14136 · WordPress · Wp Chrono

Name of the Vulnerable Software and Affected Versions: WP Chrono versions 1.5.4 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing DOM-Based XSS. This enables potential attackers to inject...

6.5CVSS6.8AI score0.00331EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.3 views

WordPress plugin WP Chrono 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

6.5CVSS6.6AI score0.00331EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2024/06/24 12:0 p.m.2 views

atuin (>=0.3.0 <=11.0.0), atuin-client (>=0.6.2 <=11.0.0) +27 more potentially affected by unknown CVE via chrono-english (=0.1.8)

chrono-english CARGO version =0.1.8 is affected by a known vulnerability. The following packages have a transitive dependency on chrono-english and may be impacted: - atuin =0.3.0, =0.6.2, =0.6.2, =0.1.0, =1.9.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.4.2, =0.4.0, =0.7.0, =0.0.4, =1.0.0 and more Sour...

5.8AI score
Exploits0
RustSec
RustSec
added 2024/06/24 12:0 p.m.8 views

The maintainer of chrono-english is unresponsive

All versions will encounter compilation errors with a chrono version 0.4.35, due to backward incompatible API changes. User conradludgade reworked the original crate and created a fork with the same API surface called interim. The fork is better structured and passes the same test suite as...

7.1AI score
Exploits0
Github Security Blog
Github Security Blog
added 2022/02/11 7:11 p.m.34 views

Chrono has potential segfault issue in SPIFFE authenticator

Impact Several vulnerabilities have been reported in the time and chrono crates related to handling of calls to localtimer. You can follow some of the discussions here and here, and the associated CVE here. In our case, the issue with the dependency was flagged by our nightly CI build running...

5.3CVSS1AI score0.01881EPSS
Exploits0References7Affected Software1
Node.js
Node.js
added 2021/05/06 4:14 p.m.38 views

Denial of Service

Overview The package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces. Recommendation Upgrade to version 2.2.4 or later References - CVE - GitHub Advisory...

5CVSS4.2AI score0.01987EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2021/05/06 3:58 p.m.3 views

@abbott-platform/abbott-framework (>=1.6.0 <=1.6.7), @abbott-platform/api-ai-botkit (>=1.5.3 <=1.5.4) +636 more potentially affected by CVE-2021-23371 via chrono-node (>=0.0.3 <=2.2.3)

chrono-node NPM version =0.0.3, =1.6.0, =1.5.3, =0.2.0, =1.3.0, =0.3.0, =3.1.0, =1.0.0, =4.0.0, =0.0.4, =0.0.1, =1.0.0, =1.0.0, =0.0.1, =0.2.3 and more Source cves: CVE-2021-23371 Source advisory: OSV:GHSA-HPMR-G4PQ-JHGP...

7.5CVSS7AI score0.01987EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2021/05/06 3:58 p.m.49 views

Denial of service in chrono-node

This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces...

7.5CVSS3.2AI score0.01987EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2021/05/06 3:58 p.m.32 views

GHSA-HPMR-G4PQ-JHGP Denial of service in chrono-node

This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces...

7.5CVSS7.1AI score0.01987EPSS
Exploits1References4
Veracode
Veracode
added 2021/04/13 2:43 a.m.12 views

Denial Of Service (DoS)

chrono-node is vulnerable to denial of service DoS. The vulnerability exists due to catastrophic backtracking in the regex matching, due to embedded spaces in the parseTimeUnits function...

7.5CVSS4.7AI score0.01987EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2021/04/13 12:0 a.m.6 views

Unspecified vulnerability in Npm chrono-node

Npm chrono-node is an application from Npm USA. Used to handle most date/time formats and extract information from any given text. A security vulnerability exists in Chrono-node prior to version 2.2.4, which stems from the program hanging on date-like strings with a large number of embedded space...

7.5CVSS6.4AI score0.01987EPSS
Exploits1References1
NVD
NVD
added 2021/04/12 1:15 p.m.37 views

CVE-2021-23371

This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces...

7.5CVSS0.01987EPSS
Exploits1References3
OSV
OSV
added 2021/04/12 1:15 p.m.16 views

CVE-2021-23371

This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces...

7.5CVSS6.8AI score
Exploits0References3
Rows per page
Query Builder