Librenms 跨站脚本漏洞

Librenms is a PHP and MySQL based open source network monitoring system from the Librenms community. The system features custom alerts, auto-discovery of network environments and automatic updates.Librenms suffers from a cross-site scripting vulnerability that stems from a lack of data validation...

MiniCMS Cross-Site Scripting Vulnerability (CNVD-2022-11519)

MiniCMS is a content management system CMS designed for personal websites. miniCMS has a security vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to execute client-side code...

Taocms Cross-Site Scripting Vulnerability (CNVD-2022-11522)

Taocms is a micro Cms content management system in China. Taocms suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to execute client-side code...

OIC Exponent CMS Cross-Site Scripting Vulnerability (CNVD-2022-33602)

OIC Exponent CMS is a free, open source PHP-based modular content management system CMS from OIC, Inc. The system supports direct editing in pages and provides user management, site configuration, content editing and other functions.Exponent CMS has a cross-site scripting vulnerability, which...

XWiki Platform Cross-Site Scripting Vulnerability (CNVD-2022-13407)

Xwiki Platform is a wiki platform for creating web collaboration applications from the French company Xwiki. XWiki Platform is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and output in registerinline, which could be...

Schneider Electric Interactive Graphical SCADA System Buffer Overflow Vulnerability (CNVD-2022-13069)

Schneider Electric Interactive Graphical SCADA System IGSS is a SCADA Data Acquisition and Supervisory System system for monitoring and controlling industrial processes from Schneider Electric, France. The Schneider Electric Interactive Graphical SCADA System suffers from a buffer overflow...

OIC Exponent CMS Cross-Site Scripting Vulnerability (CNVD-2022-33604)

OIC Exponent CMS is a free, open source PHP-based modular content management system CMS from OIC, Inc. The system supports editing directly in the page and provides user management, site configuration, content editing and other functions. oic Exponent CMS has a cross-site scripting vulnerability,...

CVE-2021-4098

Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

CVE-2021-4098

Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

CVE-2021-4098

Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

DEBIAN-CVE-2021-4098

Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

Input validation

Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

CVE-2021-4098

Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

CVE-2021-4098

Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

CVE-2021-4098

CVE-2021-4098 affects Mojo in Google Chrome/Chromium prior to 96.0.4664.110, enabling a renderer-compromised remote attacker to potentially escape sandbox via a crafted HTML page. Affected: Chromium-based browsers; root cause: insufficient data validation in Mojo. Impact: sandbox escape risk as d...

CVE-2021-4098

Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

CVE-2021-4098

Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

Input validation

Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networki...

CVE-2021-35069

CVE-2021-35069 describes an improper validation of data length received from a DMA buffer that can cause memory corruption in Qualcomm Snapdragon products. Affected families include Snapdragon Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, and WIN (Snapdragon ha...

CVE-2021-35069

Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networki...