33 matches found
GIMP Security Vulnerability
GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a security vulnerability, which stems from a stack buffer overflow in the 4BPP decoding path of the TIM image loader. This vulnerability may cause denial-of-service attacks when opening specially crafted TIM image fil...
EUVD-2023-44771
Malicious code in bioql PyPI...
Azure Linux 3.0 Security Update: vim (CVE-2024-43790)
The version of vim installed on the remote Azure Linux 3.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43790 advisory. - Vim is an open source command line text editor. When performing a search and displaying the search-count messag...
CVE-2024-40626
Outline is an open source, collaborative document editor. A type confusion issue was found in ProseMirror’s rendering process that leads to a Stored Cross-Site Scripting (XSS) vulnerability in Outline. An authenticated user can create a document containing a malicious JavaScript payload. When other...
CBL Mariner 2.0 Security Update: vim (CVE-2025-24014)
The version of vim installed on the remote CBL Mariner 2.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-24014 advisory. - Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In sile...
Trix Cross-Site Scripting Vulnerability
Trix is a Basecamp open source rich text editor for everyday writing. A cross-site scripting vulnerability exists in Trix versions prior to 2.1.9 and prior to 1.3.3. The vulnerability stems from the susceptibility to cross-site scripting attacks when malicious code is pasted, which may result in...
EulerOS 2.0 SP10 : vim (EulerOS-SA-2024-2918)
According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Vim is an open source command line text editor. double-free in dialogchanged in Vim v9.1.0648. When abandoning a buffer, Vim may ask the user what to d...
Overleaf Security Vulnerability
Overleaf is an open source online real-time collaborative LaTeX editor from Overleaf Open Source. A security vulnerability exists in Overleaf that stems from an insecure configuration of the LaTeX compiler by default...
CVE-2021-4227
The ark-commenteditor WordPress plugin through 2.15.6 does not properly sanitise or encode the comments when in Source editor, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page to the comment section...
Code injection
The ark-commenteditor WordPress plugin through 2.15.6 does not properly sanitise or encode the comments when in Source editor, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page to the comment section...
CVE-2021-4227 Ark Comment Editor <= 2.15.6 - Iframe Injection via Comment
The ark-commenteditor WordPress plugin through 2.15.6 does not properly sanitise or encode the comments when in Source editor, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page to the comment section...
Notepad++ Security Vulnerability
Notepad++ is an open source plain text editor by Don Ho, an individual developer in Taiwan, China. A security vulnerability exists in Notepad++, which stems from a global buffer read overflow vulnerability in the nsCodingStateMachine::NextStater function...
Notepad++ Security Vulnerability
Notepad++ is an open source plain text editor by Don Ho, an individual developer in Taiwan, China. A security vulnerability exists in Notepad++, which stems from a heap buffer write overflow vulnerability in the Utf816Read::convert function...
Editor.md Cross-Site Scripting Vulnerability
Editor.md is an open source embedded online Markdown editor by individual developer pandao. Editor.md has a cross-site scripting vulnerability that allows an unauthenticated attacker to execute arbitrary code...
Microsoft Visual Studio Code Security Vulnerability
Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A security vulnerability exists in Microsoft Visual Studio Code. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the vendor announcement...
Gleez CMS Stored XSS
Cross-site scripting (XSS) vulnerability in Gleez CMS 1.2.0 and 2.0 might allow remote attackers (users) to inject JavaScript via HTML content in an editor, which will result in Stored XSS when an Administrator tries to edit the same content, as demonstrated by use of the source editor for HTML mode ...
Microsoft Visual Studio Code Security Vulnerability
Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A security vulnerability exists in Microsoft Visual Studio. The following products and versions are affected: Visual Studio Code...
Microsoft Visual Studio Code Security Vulnerability
Microsoft Visual Studio Code is an open source code editor from Microsoft Corporation USA. A security vulnerability exists in Visual Studio Code versions prior to 0.3.2 that allows remote code execution via a crafted workspace configuration...
Getty104 qiita-markdown Cross-Site Scripting Vulnerability
Getty104 qiita-markdown is an open source application by Getty104. It provides an editor function. A cross-site scripting vulnerability exists in Qiita Markdown before 0.33.0, which originates from transformer...