5838 matches found

Zero Day Initiative
added 2022/01/11 12:0 a.m., 20 views

Delta Industrial Automation DIAScreen XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8 CVSS, 4.7 AI score, 0.01059 EPSS
Exploits 0, References 1
Zero Day Initiative
added 2022/01/11 12:0 a.m., 28 views

Delta Industrial Automation DIAScreen XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8 CVSS, 4.7 AI score, 0.01059 EPSS
Exploits 0, References 1
CNVD
added 2022/01/11 12:0 a.m., 26 views

Google Android Input Validation Error Vulnerability (CNVD-2022-06151)

Google Android is a Linux-based open source operating system from Google, Inc. Google Android 11 is vulnerable to an input validation error, which stems from a network system or product that does not properly validate input data. No details of the vulnerability are currently available...

7.8 CVSS, 2.8 AI score, 0.00157 EPSS
Exploits 0, References 1
CNNVD
added 2022/01/11 12:0 a.m., 6 views

Keystone Cross-Site Scripting Vulnerability

Keystone is one of the most powerful Node.js headless CMS, used to help you build and scale faster than any other CMS or application framework. Keystone suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in web applications. An...

7.1 CVSS, 5.4 AI score, 0.02601 EPSS
Exploits 1, References 3
OSV
added 2022/01/10 7:51 p.m., 10 views

GSD-2022-1000034 i2c: validate user data in compat ioctl

i2c: validate user data in compat ioctl. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.170 by commit...

7.2 AI score
Exploits 0
CNNVD
added 2022/01/10 12:0 a.m., 4 views

IBM Security Verify Access Cross-Site Scripting Vulnerability

IBM Security Verify Access is a service from IBM USA that improves user access security. The service enables secure and simple access to platforms such as Web, mobile, IoT, and cloud technologies through the use of risk-based access, single sign-on, integrated access management controls, identity...

5.4 CVSS, 5.6 AI score, 0.00445 EPSS
Exploits 0, References 4
Zero Day Initiative
added 2022/01/10 12:0 a.m., 26 views

Siemens syngo fastView BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens syngo fastView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8 CVSS, 6.3 AI score, 0.00323 EPSS
Exploits 0, References 2
CNVD
added 2022/01/08 12:0 a.m., 14 views

hoppscotch cross-site scripting vulnerability

Hoppscotch is a free, fast and beautiful API request generator. Hoppscotch suffers from a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability to execute JavaScript code on the client...

8 CVSS, 2.6 AI score, 0.01199 EPSS
Exploits 1, References 1
CNVD
added 2022/01/08 12:0 a.m., 24 views

WordPress Cross-Site Scripting Vulnerability (CNVD-2022-03210)

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress has a cross-site scripting vulnerability in versions prior to 5.8.3, which stems from a lack of...

8 CVSS, 1.9 AI score, 0.64712 EPSS
Exploits 0, References 1
CNVD
added 2022/01/08 12:0 a.m., 14 views

Apache Pluto Cross-Site Scripting Vulnerability (CNVD-2022-02488)

Apache Pluto is a runtime environment for a set of Portlet containers from the Apache Foundation. Apache Pluto in version 3.1.0 has a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied and output data in the first name and last name fields. An...

6.1 CVSS, 3.4 AI score, 0.02338 EPSS
Exploits 0, References 1
CNVD
added 2022/01/06 12:0 a.m., 12 views

Latte Cross-Site Scripting Vulnerability

Latte is a template engine for Nette Foundation's PHP. Latte in version 2.8.0 contains a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client...

8.2 CVSS, 3.2 AI score, 0.00817 EPSS
Exploits 0, References 1
CNVD
added 2022/01/06 12:0 a.m., 16 views

Fluxbb Cross-Site Scripting Vulnerability (CNVD-2022-03216)

Fluxbb is a PHP-based forum system from the Fluxbb organization. Fluxbb has a cross-site scripting vulnerability in v1.4.12, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability to execute JavaScript code on the client...

6.1 CVSS, 1.9 AI score, 0.00633 EPSS
Exploits 0, References 1
CNNVD
added 2022/01/06 12:0 a.m., 5 views

WordPress Cross-Site Scripting Vulnerability

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress has a cross-site scripting vulnerability in versions prior to 5.8.3, which stems from a lack of...

8 CVSS, 5.3 AI score, 0.64712 EPSS
Exploits 0, References 9
CNNVD
added 2022/01/06 12:0 a.m., 6 views

Atlassian Jira Security Vulnerability

Atlassian Jira is a defect tracking management system from Atlassian Australia. Atlassian Jira is vulnerable to a remote code execution vulnerability that originates when a networked system or product does not properly validate incoming data. An attacker could use this vulnerability to execute...

9 CVSS, 6.9 AI score, 0.04117 EPSS
Exploits 0, References 2
CNVD
added 2022/01/06 12:0 a.m., 17 views

WordPress Mortgage Calculator/Loan Calculator Cross-Site Scripting Vulnerability

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Mortgage Calculator/Loan Calculator has a cross-site scripting vulnerability in versions prior to 1.5.17, which ste...

5.4 CVSS, 2.5 AI score, 0.00604 EPSS
Exploits 2, References 1
Zero Day Initiative
added 2022/01/06 12:0 a.m., 24 views

Siemens JT2Go PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF...

7.8 CVSS, 7.7 AI score, 0.02031 EPSS
Exploits 0, References 2
CNVD
added 2022/01/06 12:0 a.m., 25 views

WordPress CRM Form Entries Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress CRM Form Entries Plugin has a cross-site scripting vulnerability in versions prior to 1.1.7, which ste...

6.1 CVSS, 1.4 AI score, 0.84824 EPSS
Exploits 5, References 1
CNNVD
added 2022/01/03 12:0 a.m., 3 views

BeyondTrust Remote Support Cross-Site Scripting Vulnerability

BeyondTrust Remote Support is a remote desktop access, help desk and collaboration software for Windows, Mac, Linux, iOS iPad, iPhone, etc. BeyondTrust Remote Support is vulnerable to cross-site request forgery. The vulnerability stems from the lack of proper validation of client-side data in the...

6.1 CVSS, 5.6 AI score, 0.28307 EPSS
Exploits 3, References 5
CNVD
added 2021/12/30 12:0 a.m., 32 views

Huawei WS318n Cross-Site Scripting Vulnerability

Huawei WS318n is a router from Huawei China. The Huawei WS318n product suffers from a cross-site scripting vulnerability in the network settings interface, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability to execute...

4.2 CVSS, 2.5 AI score, 0.00168 EPSS
Exploits 0, References 1
CNVD
added 2021/12/30 12:0 a.m., 16 views

ifme notifications section cross-site scripting vulnerability

Ifme is an open source mental health experience community that encourages people to share their personal stories with trusted allies. Ifme suffers from a cross-site scripting vulnerability in versions v1.0.0 through v7.31.4, which stems from a lack of checksum filtering of user-supplied and output...

5.4 CVSS, 5.2 AI score, 0.00615 EPSS
Exploits 1, References 1