Astra Linux - уязвимость в libxslt

Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data...

CVE-2025-26882

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab Popup Builder easy-notify-lite allows Stored XSS.This issue affects Popup Builder: from n/a through = 1.1.33...

CVE-2025-26882 WordPress Popup Builder plugin <= 1.1.33 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab Popup Builder easy-notify-lite allows Stored XSS.This issue affects Popup Builder: from n/a through = 1.1.33...

WordPress plugin Popup Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Popup Builder plugin <= 1.1.33 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Popup Builder versions = 1.1.33...

CVE-2024-3236 Easy Notify Lite < 1.1.33 - Contributor+ Stored XSS

The Popup Builder WordPress plugin before 1.1.33 does not sanitise and escape some of its Notification fields, which could allow users such as contributor and above to perform Stored Cross-Site Scripting attacks...

WordPress plugin Popup Builder security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-26656 · Heateor · Heateor Social Login

Name of the Vulnerable Software and Affected Versions: Heateor Social Login versions 1.1.32 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: Fo...

WordPress Shopstar! theme <= 1.1.33 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Shopstar! versions = 1.1.33...

F5 Networks BIG-IP : OpenJDK vulnerability (K10812540)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.8 / 16.1.4 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K10812540 advisory. In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances...

libxslt Type Confusion vulnerability that affects Nokogiri

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. Nokogiri prior to version 1.10.5 used a vulnerable...

GHSA-CF46-6XXH-PC75 libxslt Type Confusion vulnerability that affects Nokogiri

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. Nokogiri prior to version 1.10.5 used a vulnerable...

GHSA-4HM9-844J-JMXP Uninitialized read in Nokogiri gem

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character...

Uninitialized read in Nokogiri gem

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character...

Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2290)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-5815

Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data...

DEBIAN-CVE-2019-5815

Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data...

CVE-2019-5815

Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data...

CVE-2019-5815

Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data...

CVE-2019-5815

Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data...