3642 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-46041
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Segmentation Fault Vulnerability exists in GPAC 1.0.1 via the co64boxnew function, which causes a Denial of Service. CVE-2021-46041 Note that Nessus relies on...
Malicious code in @hornetsecurity/angular-search-box (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-6903 Malicious code in @hornetsecurity/angular-search-box (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
Malicious code in metacoin-box (npm)
The package metacoin-box was found to contain malicious code...
Malicious code in node-box-config (npm)
The package node-box-config was found to contain malicious code...
Malicious code in center-box (npm)
The package center-box was found to contain malicious code...
MAL-2025-16721 Malicious code in center-box (npm)
The package center-box was found to contain malicious code...
MAL-2025-26227 Malicious code in metacoin-box (npm)
The package metacoin-box was found to contain malicious code...
MAL-2025-27607 Malicious code in node-box-config (npm)
The package node-box-config was found to contain malicious code...
CVE-2025-49056
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shen2 多说社会化评论框 duoshuo allows Reflected XSS.This issue affects 多说社会化评论框: from n/a through = 1.2...
CVE-2025-49056 WordPress 多说社会化评论框 Plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shen2 多说社会化评论框 duoshuo allows Reflected XSS.This issue affects 多说社会化评论框: from n/a through = 1.2...
CVE-2025-49056
CVE-2025-49056 affects the WordPress plugin 多说社会化评论框 (versions n/a through 1.2). The vulnerability is a Reflected Cross-Site Scripting (XSS) caused by improper neutralization of input during web page generation. The CVSS v3.1 vector is AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L with a base score of 7.1 ...
WordPress plugin 多说社会化评论框 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...
PT-2025-33186 · Unknown · Shen2 多说社会化评论框
Name of the Vulnerable Software and Affected Versions: shen2 多说社会化评论框 versions n/a through 1.2 Description: The software contains an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' issue that allows Reflected XSS. Recommendations: At the moment, there is no...
OSV-2025-617 UNKNOWN WRITE in MP4_BoxFree
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=437783630 Crash type: UNKNOWN WRITE Crash state: MP4BoxFree MP4ReadBoxContainerChildrenIndexed MP4ReadBoxContainer...
CVE-2025-8707
A vulnerability was found in Huuge Box App 1.0.3 on Android. It has been classified as problematic. This affects an unknown part of the file AndroidManifest.xml of the component com.huuge.game.zjbox. The manipulation leads to improper export of android application components. Local access is...
CVE-2025-8707
A vulnerability was found in Huuge Box App 1.0.3 on Android. It has been classified as problematic. This affects an unknown part of the file AndroidManifest.xml of the component com.huuge.game.zjbox. The manipulation leads to improper export of android application components. Local access is...
CVE-2025-8707
A vulnerability was found in Huuge Box App 1.0.3 on Android. It has been classified as problematic. This affects an unknown part of the file AndroidManifest.xml of the component com.huuge.game.zjbox. The manipulation leads to improper export of android application components. Local access is...
CVE-2025-8707
CVE-2025-8707 affects Huuge Box App 1.0.3 on Android, specifically the component com.huuge.game.zjbox through improper export of AndroidManifest.xml. The root cause is manipulation of an AndroidManifest.xml element that leads to exporting of application components, requiring local access for expl...
CVE-2025-8707 Huuge Box App com.huuge.game.zjbox AndroidManifest.xml improper export of android application components
A vulnerability was found in Huuge Box App 1.0.3 on Android. It has been classified as problematic. This affects an unknown part of the file AndroidManifest.xml of the component com.huuge.game.zjbox. The manipulation leads to improper export of android application components. Local access is...