11 matches found
CVE-2026-55886 Jodit Editor: Prototype Pollution in Jodit via Jodit.modules.Helpers.set()
Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. Versions prior to 4.12.26 are vulnerable to Prototype Pollution through Jodit.modules.Helpers.setchain, value, obj, which walks the dot-separated chain, creating and following each path segment...
CVE-2025-68045
CVE-2025-68045 concerns the WordPress WP Event Solution plugin, affected versions
Joomla VirtueMart Shopping-Cart 跨站脚本漏洞
Joomla VirtueMart Shopping-Cart is an open-source e-commerce shopping cart and online store management extension for VirtueMart. Version 4.0.12 of Joomla VirtueMart Shopping-Cart contains a cross-site scripting vulnerability, which stems from improper handling of the keyword parameter. This...
ZITADEL: Login V2 UI Policy Bypass Allows Unauthorized Self-Registration and Authentication
Summary A vulnerability in Zitadel's login V2 UI allowed users to bypass login behavior and security policies and self-register new accounts or sign in using password even if corresponding options were disabled in their organizaton. Impact Zitadel enables administrators to configure their...
CVE-2025-67716 Auth0 Next.js SDK has Improper Validation of Query Parameters
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions 4.9.0 through 4.12.1 contain an input-validation flaw in the returnTo parameter, which could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request...
CVE-2021-22281
: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12...
CVE-2023-47551
Cross-Site Request Forgery CSRF vulnerability in RedNao Donations Made Easy – Smart Donations.This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12...
Vulnerability fixed in Xen
The developers of the Xen hypervisor have fixed a vulnerability fixed. A local malicious party within a guest system could potentially exploit the vulnerability potentially exploit it to cause a denial-of-service cause on the host or to obtain elevated privileges. Versions of Xen equal to or high...
OPENSUSE-SU-2020:0914-1 Security update for squid
This update for squid fixes the following issues: squid was updated to version 4.12 Security issue fixed: - CVE-2020-14059: Fixed an issue where a client could potentially deny the service of a server during TLS Handshake bsc1173304. Other issues addressed: - Reverted to slow search for new SMP s...
Xen Denial of Service Vulnerability (CNVD-2020-07294)
Xen is an open source virtual machine monitor product. A denial of service vulnerability exists in Xen 4.12. and earlier versions. The vulnerability stems from improper handling of certain bit iterations. An attacker could exploit this vulnerability to cause a denial of service...
UBUNTU-CVE-2016-6830
The "process-execute" and "process-spawn" procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its execve call. This would allow user-supplied argument/environment variable lists to trigger a buffer overrun. This affects all releases o...