firefox: thunderbird: Spoofing issue in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the DOM: Core & HTML component...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Core components after their release, which could allow remote attackers with access to the renderin...

CVE-2026-6762

Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

Mozilla -- Spoofing issue

https://bugzilla.mozilla.org/showbug.cgi?id=2021080 reports: Spoofing issue in the DOM: Core & HTML component...

firefox: thunderbird: Mitigation bypass in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Core & HTML component...

EUVD-2019-15699

Malware in sbrugna...

EUVD-2021-16492

Malware in sbrugna...

EUVD-2014-4196

Malware in sbrugna...

EUVD-2017-1794

Malware in sbrugna...

EUVD-2019-17272

Malware in sbrugna...

EUVD-2016-0723

Malware in sbrugna...

EUVD-2017-1795

Malware in sbrugna...

fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()

...

CVE-2024-21485

Versions of the package dash-core-components before 2.13.0; versions of the package dash-core-components before 2.0.0; versions of the package dash before 2.15.0; versions of the package dash-html-components before 2.0.0; versions of the package dash-html-components before 2.0.16 are vulnerable t...

CVE-2023-25571

Backstage is an open platform for building developer portals. @backstage/catalog-model prior to version 1.2.0, @backstage/core-components prior to 0.12.4, and @backstage/plugin-catalog-backend prior to 1.7.2 are affected by a cross-site scripting vulnerability. This vulnerability allows a malicio...

CVE-2021-2108

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core Components. The supported version that is affected is 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server...

VulnCheck KEV: CVE-2019-2618

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

Cross-Site Scripting (XSS)

dash-core-components are vulnerable to Cross Site Scripting XSS. The vulnerability is caused due to improper handling of the href attribute of the tag when the href attribute is controlled by an adversary. This allows an attacker to steal data that is visible to another user who opens a view...

buzzword (>=1.2.1 <=1.2.3), dash-tokamak (=1.6.0) +22 more potentially affected by CVE-2024-21485 via dash-core-components (>=0.22.1 <=1.9.1)

dash-core-components PYPI version =0.22.1, =1.2.1, =0.1.0, =2.0.0b0, =0.1.0, =0.1.0, =0.2.0, =1.0.0, =0.0.2, =0.1.13 and more Source cves: CVE-2024-21485 Source advisory: OSV:GHSA-547X-748V-VP6P...

CVE-2024-21485

Versions of the package dash-core-components before 2.13.0; versions of the package dash-core-components before 2.0.0; versions of the package dash before 2.15.0; versions of the package dash-html-components before 2.0.0; versions of the package dash-html-components before 2.0.16 are vulnerable t...