40 matches found
EUVD-2023-30551
Malicious code in bioql PyPI...
CVE-2022-30551
OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing messages by sending crafted messages that exhaust available resources...
CVE-2025-30551
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in smartredfox Pretty file links pretty-file-links allows Stored XSS.This issue affects Pretty file links: from n/a through = 0.9...
CVE-2025-30551
CVE-2025-30551 concerns the WordPress plugin Pretty file links, which is affected by a Stored Cross-Site Scripting (XSS) vulnerability. The issue is described as stored XSS in Pretty file links (version range “from n/a through 0.9”). Connected sources indicate the vulnerability status as Unpatche...
CVE-2024-30551
CVE-2024-30551 (Sticky Anything, Toast Stick Anything WordPress plugin) is an unauthenticated Stored XSS in Sticky Anything, affecting versions up to 2.1.5. The CVSSv3.1 score is 7.1 (HIGH) with Network attack vector, no privileges, user interaction required, and changed scope; impact to confiden...
CVE-2024-30551 WordPress Sticky Anything plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Sticky Anything.This issue affects Sticky Anything: from n/a through 2.1.5...
CVE-2024-30551 WordPress Sticky Anything plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Sticky Anything.This issue affects Sticky Anything: from n/a through 2.1.5...
WordPress Sticky Anything Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS)
Software Sticky Anything Type Plugin Vulnerable versions = 2.1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30551 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 25bb0e7db645 Credits Mika Required privilege...
Design/Logic Flaw
Use after free in Diagnostics in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rekor (SUSE-SU-2023:2210-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2210-1 advisory. - Rekor is an open source software supply chain transparency log. Rekor prior to version 1.1.1 may crash...
CVE-2023-30551
creationtimestamp| type| source ---|---|--- 2023-05-08 20:37:48+00:00| seen| https://t.me/cibsecurity/63452...
CVE-2023-30551 vulnerabilities
Vulnerabilities for packages: ko, apko, aactl...
CVE-2023-30551 vulnerabilities
Vulnerabilities for packages: ko, aactl, apko...
CVE-2023-30551
CVE-2023-30551 affects Rekor (open source transparency log). Prior to version 1.1.1, an out-of-memory (OOM) condition can occur when Rekor reads archive metadata files into memory without validating their sizes. Specifically, JAR submissions can trigger OOM during verification if large META-INF e...
SUSE CVE-2021-30551
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-30551
OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing messages by sending crafted messages that exhaust available resources...
CVE-2022-30551
CVE-2022-30551 affects OPC UA Legacy Java Stack (version 2022-04-01). A remote attacker can send crafted OPC UA messages that exhaust server resources, causing the server to stop processing messages (DoS). The related records (Red Hat, CNVD, NVD, ZDI) describe the same denial-of-service impact an...
Google Releases Urgent Chrome Update to Patch 2 Actively Exploited 0-Day Bugs
Google on Thursday rolled out an emergency update for its Chrome web browser, including fixes for two zero-day vulnerabilities that it says are being actively exploited in the wild. Tracked as CVE-2021-38000 and CVE-2021-38003, the weaknesses relate to insufficient validation of untrusted input i...
Google Chrome Heap Corruption (CVE-2021-30551)
A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Details iOS, Chrome, IE Zero-Day Flaws Exploited Recently in the Wild
Threat intelligence researchers from Google on Wednesday shed more light on four in-the-wild zero-days in Chrome, Safari, and Internet Explorer browsers that were exploited by malicious actors in different campaigns since the start of the year. What's more, three of the four zero-days were...