22 matches found
CVE-2025-13566
A security vulnerability has been detected in jarun nnn up to 5.1. The impacted element is the function showcontentinfloatingwindow/runcmdasplugin of the file nnn/src/nnn.c. The manipulation leads to double free. An attack has to be approached locally. The identifier of the patch is...
CVE-2025-13566
A security vulnerability has been detected in jarun nnn up to 5.1. The impacted element is the function showcontentinfloatingwindow/runcmdasplugin of the file nnn/src/nnn.c. The manipulation leads to double free. An attack has to be approached locally. The identifier of the patch is...
CVE-2025-13566
A security vulnerability has been detected in jarun nnn up to 5.1. The impacted element is the function showcontentinfloatingwindow/runcmdasplugin of the file nnn/src/nnn.c. The manipulation leads to double free. An attack has to be approached locally. The identifier of the patch is...
CVE-2025-13566 jarun nnn nnn.c run_cmd_as_plugin double free
A security vulnerability has been detected in jarun nnn up to 5.1. The impacted element is the function showcontentinfloatingwindow/runcmdasplugin of the file nnn/src/nnn.c. The manipulation leads to double free. An attack has to be approached locally. The identifier of the patch is...
CVE-2025-13566
The CVE-2025-13566 entry applies to jarun nnn up to version 5.1. The vulnerability is in the function show_content_in_floating_window/run_cmd_as_plugin within nnn/src/nnn.c, where manipulation leads to a double free. The issue is exploitable with local access. A patch exists (patch identifier 2f0...
PT-2025-47859
A security vulnerability has been detected in jarun nnn up to 5.1. The impacted element is the function show content in floating window/run cmd as plugin of the file nnn/src/nnn.c. The manipulation leads to double free. An attack has to be approached locally. The identifier of the patch is...
nnn 资源管理错误漏洞
nnn is a terminal file manager by Arun Prakash Jana Personal Developer. A resource management error vulnerability exists in nnn 5.1 and earlier versions, which stems from a misbehavior of the function showcontentinfloatingwindow/runcmdasplugin in the file nnn/src/nnn.c, which could lead to a doub...
EUVD-2025-27265
Malicious code in bioql PyPI...
CVE-2025-48104
Cross-Site Request Forgery CSRF vulnerability in ericzane Floating Window Music Player floating-window-music-player allows Stored XSS.This issue affects Floating Window Music Player: from n/a through = 3.4.2...
CVE-2025-48104
Cross-Site Request Forgery CSRF vulnerability in ericzane Floating Window Music Player floating-window-music-player allows Stored XSS.This issue affects Floating Window Music Player: from n/a through = 3.4.2...
CVE-2025-48104 WordPress Floating Window Music Player plugin <= 3.4.2 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in ericzane Floating Window Music Player allows Stored XSS. This issue affects Floating Window Music Player: from n/a through 3.4.2...
CVE-2025-48104
CVE-2025-48104 concerns the Floating Window Music Player WordPress plugin. Public documentation confirms a CSRF vulnerability that leads to Stored XSS in versions up to 3.4.2. Affected software: Floating Window Music Player (WordPress plugin). Root cause: Cross-Site Request Forgery enabling store...
CVE-2025-48104 WordPress Floating Window Music Player plugin <= 3.4.2 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in ericzane Floating Window Music Player floating-window-music-player allows Stored XSS.This issue affects Floating Window Music Player: from n/a through = 3.4.2...
WordPress plugin Floating Window Music Player 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...
PT-2025-36244
Name of the Vulnerable Software and Affected Versions: Floating Window Music Player versions through 3.4.2 Description: A Cross-Site Request Forgery CSRF vulnerability exists in ericzane Floating Window Music Player, which also allows Stored Cross-Site Scripting XSS. Recommendations: Update...
WordPress Floating Window Music Player plugin <= 3.4.2 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by Skalucy in WordPress Plugin Floating Window Music Player versions = 3.4.2...
CVE-2023-41304
Parameter verification vulnerability in the window module.Successful exploitation of this vulnerability may cause the size of an app window to be adjusted to that of a floating window...
CVE-2023-41304
Parameter verification vulnerability in the window module.Successful exploitation of this vulnerability may cause the size of an app window to be adjusted to that of a floating window...
Code injection
Parameter verification vulnerability in the window module.Successful exploitation of this vulnerability may cause the size of an app window to be adjusted to that of a floating window...
CVE-2023-41304
Parameter verification vulnerability in the window module.Successful exploitation of this vulnerability may cause the size of an app window to be adjusted to that of a floating window...