Lucene search
K

89 matches found

OpenVAS
OpenVAS
added 2021/02/08 12:0 a.m.7 views

Fedora: Security Advisory for python-pygments (FEDORA-2021-33abbae37b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2021/02/08 12:0 a.m.8 views

Fedora: Security Advisory for python-pygments (FEDORA-2021-175e686ca6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2021/02/07 1:39 a.m.73 views

[SECURITY] Fedora 32 Update: python-pygments-2.4.2-8.fc32

Pygments is a generic syntax highlighter for general use in all kinds of software such as forum systems, wikis or other applications that need to prettify source code. Highlights are: a wide range of common languages and markup formats is supported special attention is paid to details that increa...

7.3AI score
Exploits0
Fedora
Fedora
added 2021/02/07 1:34 a.m.67 views

[SECURITY] Fedora 33 Update: python-pygments-2.6.1-5.fc33

Pygments is a generic syntax highlighter for general use in all kinds of software such as forum systems, wikis or other applications that need to prettify source code. Highlights are: a wide range of common languages and markup formats is supported special attention is paid to details that increa...

7.3AI score
Exploits0
NVD
NVD
added 2020/11/24 11:15 p.m.16 views

CVE-2020-26237

Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow use...

8.7CVSS7AI score0.01296EPSS
Exploits0References6
OSV
OSV
added 2020/11/24 11:15 p.m.20 views

CVE-2020-26237

Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow use...

8.7CVSS8.5AI score
Exploits0References6
CVE
CVE
added 2020/11/24 11:0 p.m.191 views

CVE-2020-26237

Highlight.js vulnerability CVE-2020-26237: Prototype Pollution in versions before 9.18.2 and 10.1.2 (and older); a malicious HTML block could pollute Object.prototype during highlighting. Upstream fixes exist in 9.18.2+, 10.1.2+, and newer. Debian/OSS advisories also reference updates; remediatio...

8.7CVSS6.8AI score0.01296EPSS
Exploits0References6Affected Software1
CNVD
CNVD
added 2019/08/22 12:0 a.m.3 views

WordPress crayon-syntax-highlighter plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. crayon-syntax-highlighter is used in one of the syntax highlighting plugin built using PHP and jQuery. A cross-site scripting...

6.1CVSS6.2AI score0.01524EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/20 12:0 a.m.18 views

CVE-2016-10893

The crayon-syntax-highlighter plugin before 2.8.4 for WordPress has multiple XSS issues via AJAX requests...

6.2AI score0.01524EPSS
Exploits0References3
CVE
CVE
added 2019/08/20 12:0 a.m.37 views

CVE-2016-10893

The CVE-2016-10893 entry concerns the WordPress Crayon Syntax Highlighter plugin. Affected software: crayon-syntax-highlighter plugin for WordPress, prior to version 2.8.4. Root cause: multiple XSS (cross-site scripting) flaws exploitable via AJAX requests. Impact: client-side code execution risk...

6.1CVSS6.1AI score0.01524EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2016/05/10 12:0 a.m.30 views

Crayon Syntax Highlighter < 2.8.4 - Multiple XSS

The Crayon Syntax Highlighter WordPress plugin was affected by a Multiple XSS security vulnerability...

4.3CVSS1AI score0.01524EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2016/01/13 12:0 a.m.17 views

Debian Security Advisory DSA 3445-1 (pygments - security update)

Javantea discovered that pygments, a generic syntax highlighter, is prone to a shell injection vulnerability allowing a remote attacker to execute arbitrary code via shell metacharacters in a font name. OpenVAS Vulnerability Test $Id: deb3445.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generat...

9.3CVSS1.2AI score0.06664EPSS
Exploits0References1
Fedora
Fedora
added 2015/11/17 3:56 p.m.12 views

[SECURITY] Fedora 23 Update: python-pygments-2.0.2-3.fc23

Pygments is a generic syntax highlighter for general use in all kinds of software such as forum systems, wikis or other applications that need to prettify source code. Highlights are: a wide range of common languages and markup formats is supported special attention is paid to details that increa...

7.3AI score
Exploits0
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.7 views

WordPress Crayon Syntax Highlighter Plugin <= 2.6.10 - Defacement

Because of this vulnerability, attackers can craft the user provided parameters in such a way that it becomes possible to overwrite base themes with arbitrary CSS. Solution Update plugin...

3.1AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.23 views

WordPress Crayon Syntax Highlighter Plugin <= 2.6.10 - Local File Disclosure

This plugin is prone to a local file disclosure vulnerability. It allows attackers to see the content of any file. Solution Update plugin...

2.4AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/04/27 12:0 a.m.2 views

WordPress Crayon Syntax Highlighter Plugin Arbitrary File Disclosure Vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . Syntax Highlighter is built with PHP and jQuery syntax highlighting monitor . An information disclosure...

6AI score
Exploits0References1
WPVulnDB
WPVulnDB
added 2015/04/20 12:0 a.m.15 views

Crayon Syntax Highlighter 2.0 - 2.6.10 - Defacement

The Crayon Syntax Highlighter plugin allows access to the AJAX method 'crayon-theme-editor-save' to any registered user. When called, the AJAX method ‘crayon-theme-editor-save’ will call the 'save' function within the CrayonThemeEditorWP class, defined in...

0.1AI score
Exploits0References1Affected Software1
wpexploit
wpexploit
added 2015/04/20 12:0 a.m.18 views

Crayon Syntax Highlighter 2.0 - 2.6.10 - Defacement

The Crayon Syntax Highlighter plugin allows access to the AJAX method 'crayon-theme-editor-save' to any registered user. When called, the AJAX method ‘crayon-theme-editor-save’ will call the 'save' function within the CrayonThemeEditorWP class, defined in...

1AI score
Exploits0References1
WPVulnDB
WPVulnDB
added 2015/04/14 12:0 a.m.14 views

Crayon Syntax Highlighter <= 2.6.10 - Local File Disclosure

The local file syntax highlighting feature of Crayon Syntax Highlighter doesn't check the path of the file to process. Also, by default, this feature is usable through public comments. This allows unauthenticated visitors to see the content of any file where the web server has read permissions,...

0.3AI score
Exploits0References1Affected Software1
wpexploit
wpexploit
added 2015/04/14 12:0 a.m.19 views

Crayon Syntax Highlighter <= 2.6.10 - Local File Disclosure

The local file syntax highlighting feature of Crayon Syntax Highlighter doesn't check the path of the file to process. Also, by default, this feature is usable through public comments. This allows unauthenticated visitors to see the content of any file where the web server has read permissions,...

7.2AI score
Exploits0References1
Rows per page
Query Builder