12 matches found
JLSEC-2026-529
Versions of the package raysan5/raylib before 4.5.0 are vulnerable to Cross-site Scripting XSS such that the SetClipboardText API does not properly escape the ' character, allowing attacker-controlled input to break out of the string and execute arbitrary JavaScript via emscriptenrunscript...
net.enilink.platform:net.enilink.platform.web (=1.6.0), org.webjars.npm:formio__core (=2.6.0) +1 more potentially affected by unknown CVE via org.webjars.npm:dompurify (>=3.1.7 <=3.3.0)
org.webjars.npm:dompurify MAVEN version =3.1.7, =0.54.0, =0.55.1 Source cves: unknown CVE Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15874904...
net.enilink.platform:net.enilink.platform.web (=1.6.0), org.webjars.npm:formio__core (=2.6.0) +1 more potentially affected by unknown CVE via org.webjars.npm:dompurify (>=3.1.7 <=3.3.0)
org.webjars.npm:dompurify MAVEN version =3.1.7, =0.54.0, =0.55.1 Source cves: unknown CVE Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15810939...
CVE-2023-26123
Versions of the package raysan5/raylib before 4.5.0 are vulnerable to Cross-site Scripting XSS such that the SetClipboardText API does not properly escape the ' character, allowing attacker-controlled input to break out of the string and execute arbitrary JavaScript via emscriptenrunscript...
Google Chrome Video Encoder Metrics denial of service vulnerability
Talos Vulnerability Report TALOS-2023-1870 Google Chrome Video Encoder Metrics denial of service vulnerability February 28, 2024 CVE Number None SUMMARY A denial of service vulnerability exists in the Video Encoder Metrics functionality of Google Chrome Chrome Stable 119.0.6045.160 64-bit and...
CVE-2023-45137 XWiki Platform XSS with edit right in the create document form for existing pages
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. org.xwiki.platform:xwiki-platform-web starting in version 3.1-milestone-2 and prior to version 13.4-rc-1, as well as org.xwiki.platform:xwiki-platform-web-templates prior to versions 14.10.12...
SUSE CVE-2023-26123
Versions of the package raysan5/raylib before 4.5.0 are vulnerable to Cross-site Scripting XSS such that the SetClipboardText API does not properly escape the ' character, allowing attacker-controlled input to break out of the string and execute arbitrary JavaScript via emscriptenrunscript...
CVE-2023-26123
Versions of the package raysan5/raylib before 4.5.0 are vulnerable to Cross-site Scripting XSS such that the SetClipboardText API does not properly escape the ' character, allowing attacker-controlled input to break out of the string and execute arbitrary JavaScript via emscriptenrunscript...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS such that the SetClipboardText API does not properly escape the ' character, allowing attacker-controlled input to break out of the string and execute arbitrary JavaScript via emscriptenrunscript function. Note:...
Malicious code in training-platform-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 379e8de1999ec8549c82a99e55a439a22fba37f2c10ec080e8c355a42252b7aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6634 Malicious code in training-platform-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 379e8de1999ec8549c82a99e55a439a22fba37f2c10ec080e8c355a42252b7aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
[SECURITY] Fedora 24 Update: webkitgtk-2.4.10-1.fc24
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform...