13 matches found
CVE-2022-47436
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MantraBrain Yatra allows Stored XSS. This issue affects Yatra: from n/a through 2.1.14...
CVE-2025-47436 Apache ORC: Potential Heap Buffer Overflow during C++ LZO Decompression
Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempt to copy 295 bytes into it. It causes memory...
CVE-2025-47436
Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempt to copy 295 bytes into it. It causes memory...
CVE-2025-47436
CVE-2025-47436 (Apache ORC): A heap-based buffer overflow found in the ORC C++ LZO decompression logic. Malformed ORC files can cause the decompressor to allocate a 250-byte buffer but copy 295 bytes, causing memory corruption. Affected versions (as documented): 1.8.0–1.8.8; 1.9.0–1.9.5; 2.0.0–2...
CVE-2025-47436 Apache ORC: Potential Heap Buffer Overflow during C++ LZO Decompression
Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempt to copy 295 bytes into it. It causes memory...
CVE-2025-47436
creationtimestamp | type | source
---|---|---
2025-05-13 13:22:14+00:00 | seen | https://seclists.org/oss-sec/2025/q2/126
2025-05-13 17:07:43+00:00 | seen | https://bsky.app/profile/infosec.skyfleet.blue/post/3lp2xwbnvzs2v
2025-05-13 18:07:08+00:00 | seen | ...
CVE-2024-47436
creationtimestamp | type | source
---|---|---
2024-11-12 22:15:34+00:00 | seen | https://t.me/cvedetector/10728...
CVE-2024-47436 Substance3D - Painter | Out-of-bounds Read (CWE-125)
Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...
CVE-2021-47436 usb: musb: dsps: Fix the probe error path
In the Linux kernel, the following vulnerability has been resolved: usb: musb: dsps: Fix the probe error path Commit 7c75bde329d7 "usb: musb: musb_dsps: request_irq after initializing musb" has inverted the calls to dsps_setup_optional_vbus_irq and dsps_create_musb_pdev without updating correctly the erro...
CVE-2022-47436
creationtimestamp | type | source
---|---|---
2023-05-10 14:14:24+00:00 | seen | https://t.me/cibsecurity/63736...
CVE-2022-47436
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MantraBrain Yatra allows Stored XSS. This issue affects Yatra: from n/a through 2.1.14...
CVE-2022-47436
CVE-2022-47436 is a Stored XSS affecting the WordPress plugin Yatra (Best Travel Booking WordPress Plugin) by MantraBrain. Public details confirm the vulnerability exists in Yatra versions through 2.1.14 and that a fix is available in version 2.1.15. The root cause is improper neutralization of i...
WordPress Yatra Plugin <= 2.1.14 is vulnerable to Cross Site Scripting (XSS)
Software: Yatra; Type: Plugin; Vulnerable versions: <= 2.1.14; Fixed in: 2.1.15; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2022-47436; Patch priority: Low; CVSS severity: Low (5.9); Developer: Claim ownership; PSID: 2a485b1401a3; Credits: Team WeBoB; Required privilege...