Stripe: The `stripe/veneur` GitHub repository links to a domain `veneur.org`, which is not under stripe's control

The stripe/veneur GitHub repository contained a link to an external domain, veneur.org, which was not under Stripe's control. This posed a security risk as the domain could be exploited for phishing or supply chain contamination attacks. The link has since been removed from the repository, but ma...

CVE-2023-3067

Cross-site Scripting XSS - Stored in GitHub repository zadam/trilium prior to 0.59.4...

PT-2023-22888 · Tsolucio · Tsolucio/Corebos

Name of the Vulnerable Software and Affected Versions: tsolucio/corebos versions prior to 8 Description: The issue concerns an unverified password change in the GitHub repository tsolucio/corebos. Recommendations: For versions prior to 8, update to version 8 or later to resolve the issue...

CVE-2023-3070 Cross-site Scripting (XSS) - Stored in tsolucio/corebos

Cross-site Scripting XSS - Stored in GitHub repository tsolucio/corebos prior to 8...

CVE-2023-3073 Cross-site Scripting (XSS) - Stored in tsolucio/corebos

Cross-site Scripting XSS - Stored in GitHub repository tsolucio/corebos prior to 8 via evvtgendoc...

CVE-2023-3069

The CVE-2023-3069 entry concerns coreBOS (tsolucio/corebos) up to version 8, affected by an unverified password change vulnerability in the account password change feature. The underlying issue is bypass of password length and complexity validation, enabling an attacker to change a password witho...

CVE-2023-3067

CVE-2023-3067 is a stored XSS vulnerability affecting Trilium Notes (zadam/trilium) in versions prior to 0.59.4. The issue arises from a stored XSS condition when a user creates a note and its name (title) is rendered in the UI (Note Map functionality), allowing scripts to be stored and later exe...

CVE-2023-3073 Cross-site Scripting (XSS) - Stored in tsolucio/corebos

Cross-site Scripting XSS - Stored in GitHub repository tsolucio/corebos prior to 8 via evvtgendoc...

CVE-2023-3074 Cross-site Scripting (XSS) - Stored in tsolucio/corebos

Cross-site Scripting XSS - Stored in GitHub repository tsolucio/corebos prior to 8...

CVE-2023-3070 Cross-site Scripting (XSS) - Stored in tsolucio/corebos

Cross-site Scripting XSS - Stored in GitHub repository tsolucio/corebos prior to 8...

CVE-2023-3067 Cross-site Scripting (XSS) - Stored in zadam/trilium

Cross-site Scripting XSS - Stored in GitHub repository zadam/trilium prior to 0.59.4...

CVE-2023-3071 Cross-site Scripting (XSS) - Stored in tsolucio/corebos

Cross-site Scripting XSS - Stored in GitHub repository tsolucio/corebos prior to 8...

CVE-2023-3026

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...

CVE-2023-3026 Cross-site Scripting (XSS) - Stored in jgraph/drawio

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository mkucej/i-librarian-free prior to 5.10.4...

nilsteampassnet/teampass vulnerable to cross-site scripting

Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. This enables an attacker to inject malicious code into a shared folder, which can then be executed by other users who have access to the folder...

Null pointer dereference

NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2...

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9...

CVE-2023-2999

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.14...

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.14...