Lucene search
K

27 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/27 11:50 p.m.5 views

Malicious code in @c11-lib-ts/document-handler (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf45faf4cf8ea3609807fa01163bcf09cd1e633ed2744a8593f0efe85a8f0b24 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
NVD
NVD
added 2024/04/30 1:15 a.m.18 views

CVE-2024-4327

A vulnerability was found in Apryse WebViewer up to 10.8.0. It has been classified as problematic. This affects an unknown part of the component PDF Document Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to...

4CVSS3.6AI score0.00453EPSS
Exploits0References5
CVE
CVE
added 2024/04/30 1:0 a.m.40 views

CVE-2024-4327

The CVE-2024-4327 entry concerns Apryse WebViewer (up to 10.8.0). Affected component: the PDF Document Handler, where a cross-site scripting flaw has been identified. Root cause: improper handling in this component enables malicious input to execute in the context of a user session. Impact: remot...

4CVSS6AI score0.00453EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/04/30 12:0 a.m.5 views

Apryse WebViewer 跨站脚本漏洞

Apryse WebViewer is a web browser from Apryse Corporation. A cross-site scripting vulnerability exists in Apryse WebViewer version 10.8.0, which stems from the component PDF Document Handler that causes cross-site scripting...

4CVSS6AI score0.00453EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.5 views

PT-2024-30433 · Apryse · Apryse Webviewer

Name of the Vulnerable Software and Affected Versions: Apryse WebViewer versions up to 10.8.0 Description: A vulnerability was found in the PDF Document Handler component of Apryse WebViewer, which can lead to cross site scripting. The manipulation can be initiated remotely. The vendor recommends...

4CVSS6.5AI score0.00453EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2024/04/12 12:0 a.m.7 views

The vulnerability of the DocumentHandler component of the ONLYOFFICE Workspace document management system arises due to deficiencies in the encryption of user-input data. This vulnerability allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the DocumentHandler component of the ONLYOFFICE Workspace document management system exists due to deficiencies in the encryption of user-input data. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks XSS remotely...

5.5CVSS6AI score0.00582EPSS
Exploits1References4Affected Software1
RedHat Linux
RedHat Linux
added 2014/02/04 7:35 p.m.5 views

OpenJDK: XXE issue in decoder (Beans, 8023245)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the Janua...

5.5CVSS6.4AI score0.03616EPSS
Exploits0References5
Rows per page
Query Builder