84 matches found
EUVD-2020-23016
Malware in sbrugna...
EUVD-2020-20602
Malware in sbrugna...
EUVD-2025-25465
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-7969
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This...
CVE-2025-7969
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not conside...
CVE-2025-7969
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not conside...
UBUNTU-CVE-2025-7969
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not conside...
CVE-2025-7969 Markdown-it 14.1.0 - Cross-site scripting (XSS)
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not conside...
PT-2025-34250 · Unknown +1 · Markdown-It +1
Name of the Vulnerable Software and Affected Versions: markdown-it version 14.1.0 Description: A flaw exists in markdown-it due to improper neutralization of input during web page generation, which allows for Cross-Site Scripting XSS. The issue is associated with the lib/renderer.mjs program file...
CVE-2020-28115
SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the objectpath parameter...
windmill-cli (>=0.0.1 <=0.0.13) potentially affected by CVE-2024-49770 via @oakserver/oak (>=12.6.2 <=14.1.0)
@oakserver/oak NPM version =12.6.2, =0.0.1, =0.0.13 Source cves: CVE-2024-49770 Source advisory: OSV:GHSA-QM92-93FV-VH7M...
WordPress BuddyPress plugin <= 14.1.0 - Authenticated (Subscriber+) Directory Traversal vulnerability
Authenticated Subscriber+ Directory Traversal vulnerability discovered by Domons in WordPress Plugin BuddyPress versions = 14.1.0...
CVE-2024-35224
OpenProject is the leading open source project management software. OpenProject utilizes tablesorter inside of the Cost Report feature. This dependency, when misconfigured, can lead to Stored XSS via icon substitution in table header values. This attack requires the permissions "Edit work package...
CVE-2024-35224 Stored Cross-Site Scripting (XSS) in OpenProject
OpenProject is the leading open source project management software. OpenProject utilizes tablesorter inside of the Cost Report feature. This dependency, when misconfigured, can lead to Stored XSS via icon substitution in table header values. This attack requires the permissions "Edit work package...
CVE-2024-35224 Stored Cross-Site Scripting (XSS) in OpenProject
OpenProject is the leading open source project management software. OpenProject utilizes tablesorter inside of the Cost Report feature. This dependency, when misconfigured, can lead to Stored XSS via icon substitution in table header values. This attack requires the permissions "Edit work package...
CVE-2024-35224 Stored Cross-Site Scripting (XSS) in OpenProject
OpenProject is the leading open source project management software. OpenProject utilizes tablesorter inside of the Cost Report feature. This dependency, when misconfigured, can lead to Stored XSS via icon substitution in table header values. This attack requires the permissions "Edit work package...
OpenProject 安全漏洞
OpenProject is an open source web-based project management software. The software features project planning, task management, bug tracking, and cost budgeting. A security vulnerability exists in OpenProject that stems from a stored cross-site scripting XSS vulnerability in the tablesorter of the...
Piwigo < 14.1.0 XSS Vulnerability
Piwigo is prone to a cross-site scripting XSS vulnerability in the Admin Tools plug-in component. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
F5 BIG-IP TMUI Directory Traversal / File Upload / Code Execution Exploit
This Metasploit module exploits a directory traversal in F5's BIG-IP Traffic Management User Interface TMUI to upload a shell script and execute it as the Unix root user. Unix shell access is obtained by escaping the restricted Traffic Management Shell TMSH. The escape may not be reliable, and yo...
F5 Networks BIG-IP : TMM vulnerability (K25400442)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.6 / 14.1.2.5 / 15.1.1 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K25400442 advisory. - On BIG-IP 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and...