83 matches found
GPAC Project Advanced Content 缓冲区错误漏洞
GPAC is an open source multimedia framework. a security vulnerability exists in GPAC Project Advanced Content, which stems from the failure of the product's MPEG-4 to check the correctness of additive operations. An attacker could cause memory corruption through this vulnerability...
Cross-site Scripting (XSS)
ckeditor-dev is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary javascript via the src attribute in the iframe element. This can only occur when the Iframe plugin is used and advanced content filter is turned off in a browser...
Cross-site Scripting (XSS)
ckeditor-dev is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary javascript via the srcdoc attribute in the iframe element. This attack can only happen with the Iframe plugin and Advanced Content Filter turned off...