131 matches found
EUVD-2011-1691
Malware in sbrugna...
EUVD-2017-16930
Malware in sbrugna...
EUVD-2023-23494
Malicious code in bioql PyPI...
EUVD-2022-3024
Malicious code in bioql PyPI...
EUVD-2023-1330
Malicious code in bioql PyPI...
WordPress plugin Optimize More! – CSS 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Optimize...
PT-2025-24610 · WordPress · Bunny'S Print Css
Name of the Vulnerable Software and Affected Versions: Bunny's Print CSS plugin for WordPress versions up to, and including, 0.95 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the pcss options subpanel function. This allows...
CVE-2025-27295
CVE-2025-27295 corresponds to a Cross-Site Scripting (stored XSS) flaw in the WordPress plugin Live css (wpion Live css). Affected: Live css versions up to 1.3. Root cause: improper input neutralization during web page generation. Impact: stored XSS risk for page visitors; CVSS v3.1 base score 7....
DEBIAN-CVE-2024-7000
Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
Google Chrome Code Execution Vulnerability (CNVD-2024-33605)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that originates from memory reuse after release in CSS. An attacker can exploit this vulnerability to execute arbitrary code on the system...
PT-2024-5299 · Google +4 · Google Chrome +4
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 127.0.6533.72 Microsoft Edge affected versions not specified Description: The issue is related to a use after free in CSS, which can lead to heap corruption. A remote attacker could potentially exploit this by...
CVE-2023-6707
Use after free in CSS in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-6707
Use after free in CSS in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
aporia.it Cross Site Scripting vulnerability OBB-3617269
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SUSE CVE-2023-4428
Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...
feelunique.fr Cross Site Scripting vulnerability OBB-3493337
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SUSE CVE-2023-1215
Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2011-3068
Use-after-free vulnerability in the Cascading Style Sheets CSS implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes...
DEBIAN-CVE-2022-3304
Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2022-35739
PRTG Network Monitor through 22.2.77.2204 does not prevent custom input for a device’s icon, which can be modified to insert arbitrary content into the style tag for that device. When the device page loads, the arbitrary Cascading Style Sheets CSS data is inserted into the style tag, loading...