683 matches found
CVE-2026-23753
GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the language management functionality where the charset POST parameter is passed directly to SWIFTLanguage::Create without HTML sanitization and subsequently rendered unsanitized by ViewLanguage.RenderGrid. An...
CVE-2026-23753
GFI HelpDesk
CVE-2026-23753
GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the language management functionality where the charset POST parameter is passed directly to SWIFTLanguage::Create without HTML sanitization and subsequently rendered unsanitized by ViewLanguage.RenderGrid. An...
Joern 4.0.524
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
CVE-2024-35644
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Pascal Birchler Preferred Languages allows DOM-Based XSS.This issue affects Preferred Languages: from n/a through 2.2.2...
EUVD-2024-55469
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Pascal Birchler Preferred Languages allows DOM-Based XSS.This issue affects Preferred Languages: from n/a through 2.2.2...
CVE-2024-35644
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Pascal Birchler Preferred Languages allows DOM-Based XSS.This issue affects Preferred Languages: from n/a through 2.2.2...
CVE-2024-35644
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Pascal Birchler Preferred Languages allows DOM-Based XSS.This issue affects Preferred Languages: from n/a through 2.2.2...
CVE-2024-35644 WordPress Preferred Languages plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Pascal Birchler Preferred Languages allows DOM-Based XSS.This issue affects Preferred Languages: from n/a through 2.2.2...
CVE-2024-35644 WordPress Preferred Languages plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Pascal Birchler Preferred Languages allows DOM-Based XSS.This issue affects Preferred Languages: from n/a through 2.2.2...
WordPress plugin Preferred Languages 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-23670
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Pascal Birchler Preferred Languages allows DOM-Based XSS.This issue affects Preferred Languages: from n/a through 2.2.2...
GoodVibe: Security-By-Vibe for LLM-Based Code Generation
Large language models LLMs are increasingly used for code generation in fast, informal development workflows, often referred to as vibe coding, where speed and convenience are prioritized, and security requirements are rarely made explicit. In this setting, models frequently produce functionally...
POC-Generator-Burp_Suite_Extension
🎯 POC Generator - Burp Suite Extension From vulnerability...
RLSA-2026:0756 Moderate: transfig security update
The transfig utility creates a makefile which translates FIG created by xfig or PIC figures into a specified LaTeX graphics language for example, PostScriptTM. Transfig is used to create TeX documents which are portable i.e., they can be printed in a wide variety of environments. Install transfig...
[SECURITY] Fedora 42 Update: musescore-4.3.2-20.fc42
MuseScore is a free cross platform WYSIWYG music notation program. Some highlights: WYSIWYG, notes are entered on a "virtual note sheet" Unlimited number of staves Up to four voices per staff Easy and fast note entry with mouse, keyboard or MIDI Integrated sequencer and FluidSynth software...
[SECURITY] Fedora 43 Update: python-pdfminer-20251230-1.fc43
Pdfminer.six is a community maintained fork of the original PDFMiner. It is a tool for extracting information from PDF documents. It focuses on getting and analyzing text data. Pdfminer.six extracts the text from a page directly from the sourcecode of the PDF. It can also be used to get the exact...
PoC-Analyzer
PoC Analyzer Proof-of-Concept Malicious Intent Detector !P...
A Systematic Study of Code Obfuscation against LLM-Based Vulnerability Detection
As large language models LLMs are increasingly adopted for code vulnerability detection, their reliability and robustness across diverse vulnerability types have become a pressing concern. In traditional adversarial settings, code obfuscation has long been used as a general strategy to bypass...
Denial Of Service (DoS)
getgrav/grav is vulnerable to Denial of Service DoS. The vulnerability is due to improper input validation in the “Supported” parameter of the Languages submenu, which allows an attacker to supply malformed input that triggers a fatal regular expression parsing error via the pregmatch function...