CVE-2025-62613

VDO.Ninja (versions 28.0–28.3) is affected by a reflected XSS in examples/control.html via the room parameter. The issue arises from improper sanitization before rendering in the DOM, due to insufficient input validation/encoding. The vulnerability could allow script execution in the context of t...

vdo.ninja 跨站脚本漏洞

vdo.ninja is a remote video input tool by Steve Seguin, an individual developer. A cross-site scripting vulnerability exists in vdo.ninja versions 28.0 through prior to 28.4, which stems from improper cleanup of the room parameter in examples/control.html, which could lead to a reflective...

WordPress WPO365 Plugin <= 27.2 is vulnerable to Cross Site Scripting (XSS)

Software WPO365 Type Plugin Vulnerable versions = 27.2 Fixed in 28.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4706 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c55d5d3f53f2 Credits stealthcopter Required privilege...

CVE-2022-43855

CVE-2022-43855 affects IBM SPSS Statistics IO Module (versions 26.0, 27.0.1, 28.0). A local user can create multiple files, leading to file-handle exhaustion and denial of service. IBM’s bulletin notes the vulnerability is associated with resource management errors (CWE-399) and confirms the expo...

Nextcloud Code Issues Vulnerabilities

Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A code issue vulnerability exists in versions of Nextcloud server prior to 28.0.0 that stems from an OAuth2 authorization code that is valid indefinitely,...

CVE-2023-47075

Adobe Illustrator versions 28.0 and earlier and 27.9 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Design/Logic Flaw

Adobe Illustrator versions 28.0 and earlier and 27.9 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the contex...

PT-2023-7691 · Adobe · Illustrator

Name of the Vulnerable Software and Affected Versions: Adobe Illustrator versions 28.0 and earlier Adobe Illustrator versions 27.9 and earlier Description: The issue is related to a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user...

Rockwell Automation 1336 PLUS Drive 28.0 A, 230V 1336S-AQF075 U Smart MCC

Binary data 754238.prm...

VulnCheck KEV: CVE-2014-1511

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors...

Mozilla Firefox Denial of Service Vulnerability-01 (May 2014) - Windows

Mozilla Firefox is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2014:0448-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MozillaFirefox: Update to version 28.0 (important)

Mozilla Firefox was updated to version 28.0, receiving enhancements, bug and security fixes. Mozilla NSPR was updated to 4.10.4 receiving enhancements, bug and security fixes. Mozilla NSS was updated to 3.15.5 receiving enhancements, bug and security fixes. Changes in MozillaFirefox: - update to...

CVE-2014-1508

The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service out-of-bounds read and application...

Fedora 8 : emacspeak-28.0-3.fc8 (2008-8423)

Fri Sep 26 2008 Jens Petersen - 28.0-3 - CVE-2008-4191 fix tmpfile vulnerability in extract-table.pl with emacspeak-28.0-tmpfile.patch from upstream svn 463819 - Fri Sep 26 2008 Jens Petersen - 28.0-2 - fix broken generated deps reported by mtasaka 463899 - script the replacement of tcl with...

Fedora 9 : emacspeak-28.0-3.fc9 (2008-8379)

Fri Sep 26 2008 Jens Petersen - 28.0-3 - CVE-2008-4191 fix tmpfile vulnerability in extract-table.pl with emacspeak-28.0-tmpfile.patch from upstream svn 463820 - Fri Sep 26 2008 Jens Petersen - 28.0-2 - fix broken generated deps reported by mtasaka 463899 - script the replacement of tcl with...