89 matches found
Fedora: Security Advisory for python-pygments (FEDORA-2021-33abbae37b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for python-pygments (FEDORA-2021-175e686ca6)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 32 Update: python-pygments-2.4.2-8.fc32
Pygments is a generic syntax highlighter for general use in all kinds of software such as forum systems, wikis or other applications that need to prettify source code. Highlights are: a wide range of common languages and markup formats is supported special attention is paid to details that increa...
[SECURITY] Fedora 33 Update: python-pygments-2.6.1-5.fc33
Pygments is a generic syntax highlighter for general use in all kinds of software such as forum systems, wikis or other applications that need to prettify source code. Highlights are: a wide range of common languages and markup formats is supported special attention is paid to details that increa...
CVE-2020-26237
Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow use...
CVE-2020-26237
Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow use...
CVE-2020-26237
Highlight.js vulnerability CVE-2020-26237: Prototype Pollution in versions before 9.18.2 and 10.1.2 (and older); a malicious HTML block could pollute Object.prototype during highlighting. Upstream fixes exist in 9.18.2+, 10.1.2+, and newer. Debian/OSS advisories also reference updates; remediatio...
WordPress crayon-syntax-highlighter plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. crayon-syntax-highlighter is used in one of the syntax highlighting plugin built using PHP and jQuery. A cross-site scripting...
CVE-2016-10893
The crayon-syntax-highlighter plugin before 2.8.4 for WordPress has multiple XSS issues via AJAX requests...
CVE-2016-10893
The CVE-2016-10893 entry concerns the WordPress Crayon Syntax Highlighter plugin. Affected software: crayon-syntax-highlighter plugin for WordPress, prior to version 2.8.4. Root cause: multiple XSS (cross-site scripting) flaws exploitable via AJAX requests. Impact: client-side code execution risk...
Crayon Syntax Highlighter < 2.8.4 - Multiple XSS
The Crayon Syntax Highlighter WordPress plugin was affected by a Multiple XSS security vulnerability...
Debian Security Advisory DSA 3445-1 (pygments - security update)
Javantea discovered that pygments, a generic syntax highlighter, is prone to a shell injection vulnerability allowing a remote attacker to execute arbitrary code via shell metacharacters in a font name. OpenVAS Vulnerability Test $Id: deb3445.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generat...
[SECURITY] Fedora 23 Update: python-pygments-2.0.2-3.fc23
Pygments is a generic syntax highlighter for general use in all kinds of software such as forum systems, wikis or other applications that need to prettify source code. Highlights are: a wide range of common languages and markup formats is supported special attention is paid to details that increa...
WordPress Crayon Syntax Highlighter Plugin <= 2.6.10 - Defacement
Because of this vulnerability, attackers can craft the user provided parameters in such a way that it becomes possible to overwrite base themes with arbitrary CSS. Solution Update plugin...
WordPress Crayon Syntax Highlighter Plugin <= 2.6.10 - Local File Disclosure
This plugin is prone to a local file disclosure vulnerability. It allows attackers to see the content of any file. Solution Update plugin...
WordPress Crayon Syntax Highlighter Plugin Arbitrary File Disclosure Vulnerability
WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . Syntax Highlighter is built with PHP and jQuery syntax highlighting monitor . An information disclosure...
Crayon Syntax Highlighter 2.0 - 2.6.10 - Defacement
The Crayon Syntax Highlighter plugin allows access to the AJAX method 'crayon-theme-editor-save' to any registered user. When called, the AJAX method ‘crayon-theme-editor-save’ will call the 'save' function within the CrayonThemeEditorWP class, defined in...
Crayon Syntax Highlighter 2.0 - 2.6.10 - Defacement
The Crayon Syntax Highlighter plugin allows access to the AJAX method 'crayon-theme-editor-save' to any registered user. When called, the AJAX method ‘crayon-theme-editor-save’ will call the 'save' function within the CrayonThemeEditorWP class, defined in...
Crayon Syntax Highlighter <= 2.6.10 - Local File Disclosure
The local file syntax highlighting feature of Crayon Syntax Highlighter doesn't check the path of the file to process. Also, by default, this feature is usable through public comments. This allows unauthenticated visitors to see the content of any file where the web server has read permissions,...
Crayon Syntax Highlighter <= 2.6.10 - Local File Disclosure
The local file syntax highlighting feature of Crayon Syntax Highlighter doesn't check the path of the file to process. Also, by default, this feature is usable through public comments. This allows unauthenticated visitors to see the content of any file where the web server has read permissions,...