34 matches found
EUVD-2012-5922
Malware in sbrugna...
EUVD-2022-46307
Malicious code in bioql PyPI...
EUVD-2022-46308
Malicious code in bioql PyPI...
CVE-2022-43263
A cross-site scripting XSS vulnerability in Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the name of an uploaded file...
CVE-2012-6048
Guitar Pro 6.1.1 r10791 allows remote attackers to cause a denial of service crash via a long string in a gpx file...
SUSE CVE-2020-14940
An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured XML parsers, leading to XXE while loading GP6 .gpx and GP7 .gp tablature files...
CVE-2022-43264
Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to perform directory traversal and download arbitrary files via a crafted web request...
CVE-2022-43263
A cross-site scripting XSS vulnerability in Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the name of an uploaded file...
CVE-2022-43263
A cross-site scripting XSS vulnerability in Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the name of an uploaded file...
CVE-2022-43264
Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to perform directory traversal and download arbitrary files via a crafted web request...
Directory traversal
Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to perform directory traversal and download arbitrary files via a crafted web request...
Cross site scripting
A cross-site scripting XSS vulnerability in Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the name of an uploaded file...
CVE-2022-43263
Arobas Music Guitar Pro for iPad/iPhone is affected by a cross-site scripting (XSS) vulnerability in versions prior to 1.10.2. The issue allows an attacker to inject arbitrary web scripts or HTML by crafting the name of a file uploaded to the app. The root cause is tied to handling of uploaded fi...
CVE-2022-43264
Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to perform directory traversal and download arbitrary files via a crafted web request...
Arobas Music Guitar Pro 路径遍历漏洞
Arobas Music Guitar Pro is a multi-track guitar, bass and sheet music editor from the French company Arobas Music. A security vulnerability exists in Arobas Music Guitar Pro v1.10.2 and earlier, which stems from a vulnerability that allows an attacker to implement directory traversal and download...
CVE-2022-43264
Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to perform directory traversal and download arbitrary files via a crafted web request...
CVE-2022-43263
A cross-site scripting XSS vulnerability in Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the name of an uploaded file...
PT-2022-26818 · Arobas Music · Arobas Music Guitar Pro
Name of the Vulnerable Software and Affected Versions: Arobas Music Guitar Pro for iPad and iPhone versions prior to 1.10.2 Description: The issue allows attackers to perform directory traversal and download arbitrary files via a crafted web request. Recommendations: For versions prior to 1.10.2,...
CVE-2022-43263
A cross-site scripting XSS vulnerability in Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the name of an uploaded file...
PT-2022-26817 · Arobas Music · Arobas Music Guitar Pro
Name of the Vulnerable Software and Affected Versions: Arobas Music Guitar Pro for iPad and iPhone versions prior to 1.10.2 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the name of an uploaded file...