52 matches found
EUVD-2024-52173
Malicious code in bioql PyPI...
Anchor CMS Security Vulnerability
Anchor CMS is a CMS project by the Anchor team. A security vulnerability exists in Anchor CMS version v0.12.7, which stems from the page description field in the page creation screen being vulnerable to stored cross-site scripting attacks...
CVE-2024-37732
Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute arbitrary code via a crafted .pdf file...
CVE-2020-12071
Anchor 0.12.7 allows admins to cause XSS via crafted post content...
CVE-2022-1464
Stored XSS bug in GitHub repository gogs/gogs prior to 0.12.7. As the repo is public, any user can view the report, and when the attachment is opened the XSS is executed. This bug allows execution of any JavaScript code in the victim's account...
SUSE CVE-2024-53849
editorconfig-core-c is the EditorConfig core library written in C for use by plugins supporting EditorConfig parsing. In affected versions several overflows may occur in switch case '[' when the input pattern contains many escaped characters. The added backslashes leave too little space in the outp...
CVE-2024-53849
editorconfig-core-c is the EditorConfig core library written in C for use by plugins supporting EditorConfig parsing. In affected versions several overflows may occur in switch case '[' when the input pattern contains many escaped characters. The added backslashes leave too little space in the outp...
UBUNTU-CVE-2024-53849
editorconfig-core-c is the EditorConfig core library written in C for use by plugins supporting EditorConfig parsing. In affected versions several overflows may occur in switch case '[' when the input pattern contains many escaped characters. The added backslashes leave too little space in the outp...
CVE-2024-53849
editorconfig-core-c is the EditorConfig core library written in C for use by plugins supporting EditorConfig parsing. In affected versions several overflows may occur in switch case '[' when the input pattern contains many escaped characters. The added backslashes leave too little space in the outp...
CVE-2024-53849
The CVE-2024-53849 issue affects editorconfig-core-c (EditorConfig core library in C) where multiple escaped characters in input patterns can trigger stack/pointer overflows in the '[' handling during parsing. The root cause is that added backslashes reduce available space in nested-bracket outpu...
CVE-2024-53849 Several stack buffer overflows and pointer overflows in editorconfig-core-c
editorconfig-core-c is the EditorConfig core library written in C for use by plugins supporting EditorConfig parsing. In affected versions several overflows may occur in switch case '[' when the input pattern contains many escaped characters. The added backslashes leave too little space in the outp...
Gogs Operating System Command Injection Vulnerability
Gogs Go Git Service is a self-service Git hosting service based on the Go language by the Gogs team, which supports creating and migrating public/private repositories, adding and deleting repository collaborators, and so on. An operating system command injection vulnerability exists in Gogs 0.12....
Anchor Cross-Site Scripting Vulnerability
Anchor is an open source lightweight blogging system. A cross-site scripting vulnerability exists in Anchor version v.0.12.7, which originates from a vulnerability that could allow a remote attacker to execute arbitrary code via a crafted .pdf file...
Cross-Site Request Forgery in Anchor CMS
Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via /anchor/admin/categories/delete/2...
Cross-Site Request Forgery in Anchor CMS
Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via /anchor/admin/users/delete/2...
CVE-2024-29499
Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via /anchor/admin/users/delete/2...
Anchor Security Vulnerability
Anchor is an open source lightweight blogging system. A security vulnerability exists in Anchor version v0.12.7, which stems from a cross-site request forgery (CSRF) in /anchor/admin/categories/delete/2...
Anchor Security Vulnerability
Anchor is an open source lightweight blogging system. A security vulnerability exists in Anchor CMS version v0.12.7, which stems from a cross-site request forgery (CSRF) in /anchor/admin/users/delete/2...
Design/Logic Flaw
A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to versi...
String Kit Security Vulnerability
String Kit is a string manipulation toolkit by the individual developer Cedric Ronvel. A security vulnerability exists in String Kit version 0.12.7 and earlier. An attacker can exploit the vulnerability to cause inefficient regular expression complexity...