6574 matches found
Code injection
Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0...
CVE-2023-1160 Use of Platform-Dependent Third Party Components in cockpit-hq/cockpit
Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0...
CVE-2023-1170 Heap-based Buffer Overflow in vim/vim
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376...
CVE-2023-1170 Heap-based Buffer Overflow in vim/vim
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376...
CVE-2023-1160
CVE-2023-1160 affects cockpit-hq/cockpit prior to version 2.4.0 due to use of platform-dependent third‑party components. The root cause is the incorporation of non-uniform components that vary by platform, leading to compatibility and risk concerns described across multiple sources. The documente...
CVE-2023-1160 Use of Platform-Dependent Third Party Components in cockpit-hq/cockpit
Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0...
CVE-2023-1170
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376...
Input validation
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.8.0...
Cross site scripting
Cross-site Scripting XSS - Stored in GitHub repository flatpressblog/flatpress prior to 1.3...
Cross site scripting
Cross-site Scripting XSS - Stored in GitHub repository flatpressblog/flatpress prior to 1.3...
CVE-2023-1107
Cross-site Scripting XSS - Stored in GitHub repository flatpressblog/flatpress prior to 1.3...
CVE-2023-1147
CVE-2023-1147 is a stored XSS vulnerability in the FlatPress project (flatpressblog/flatpress) present in versions before 1.3. Connected sources confirm the issue is a stored XSS in post/comment handling, with a PoC available and details indicating the attack can be triggered via user-provided in...
CVE-2023-1107
CVE-2023-1107 is a stored Cross-site Scripting (XSS) vulnerability affecting FlatPress before version 1.3, documented as occurring in stored user input in flatpressblog/flatpress. Multiple sources (NVD/Red Hat/CNNVD/OSV) consistently describe a stored XSS issue in FlatPress prior to 1.3. Some con...
CVE-2023-1148 Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress
Cross-site Scripting XSS - Stored in GitHub repository flatpressblog/flatpress prior to 1.3...
CVE-2023-1146 Cross-site Scripting (XSS) - Generic in flatpressblog/flatpress
Cross-site Scripting XSS - Generic in GitHub repository flatpressblog/flatpress prior to 1.3...
CVE-2023-1107 Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress
Cross-site Scripting XSS - Stored in GitHub repository flatpressblog/flatpress prior to 1.3...
CVE-2023-1149 Improper Neutralization of Equivalent Special Elements in btcpayserver/btcpayserver
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.8.0...
CVE-2023-1107 Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress
Cross-site Scripting XSS - Stored in GitHub repository flatpressblog/flatpress prior to 1.3...
CVE-2023-1147 Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress
Cross-site Scripting XSS - Stored in GitHub repository flatpressblog/flatpress prior to 1.3...
Updated vim packages fix security vulnerability
A null pointer dereference issue was discovered in function guix11createblankmouse in guix11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts. CVE-2022-47024 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225...