110 matches found
CVE-2025-11573
An infinite loop issue in Amazon.IonDotnet library versions v1.3.2 may allow a threat actor to cause a denial of service through a specially crafted text input. To mitigate this issue, users should upgrade to version v1.3.2. As of August 20, 2025, this library has been deprecated and will not...
EUVD-2004-1079
Malware in sbrugna...
EUVD-2017-14536
Malware in sbrugna...
EUVD-2013-6423
Malware in sbrugna...
EUVD-2011-4951
Malware in sbrugna...
EUVD-2022-15471
Malicious code in bioql PyPI...
EUVD-2022-2649
Malicious code in bioql PyPI...
EUVD-2022-3972
Malicious code in bioql PyPI...
The Scratch Channel 跨站脚本漏洞
The Scratch Channel is a project site of The Scratch Channel open source. A cross-site scripting vulnerability exists in The Scratch Channel, which stems from improperly cleaned text box input and could lead to a cross-site scripting attack...
Flatboard Pro 跨站脚本漏洞
Flatboard Pro is an open source forum system by Flatboard. A cross-site scripting vulnerability exists in Flatboard Pro versions prior to 3.2.2, which stems from insufficient validation of inputs to the footertext and announcement parameters in config.php, and could lead to a stored cross-site...
[SECURITY] Fedora 42 Update: qt6-qtvirtualkeyboard-6.9.1-1.fc42
The Qt Virtual Keyboard project provides an input framework and reference key board frontend for Qt 6. Key features include: Customizable keyboard layouts and styles with dynamic switching. Predictive text input with word selection. Character preview and alternative character view. Automatic...
WordPress plugin Elementor Website Builder Pro 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Elementor Website Builder Pro plugin that stems from insufficient input cleanup and output escaping of the buttontex...
Malicious code in @sporta-technology/rn-components.text-input (npm)
--- -= Per source details. Do not edit below this line.=-...
postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation
A flaw was found in PostgreSQL. Due to improper neutralization of quoting syntax, affected versions potentially allow a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the affected function's result to constru...
CVE-2025-0705
A vulnerability has been found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d and classified as problematic. Affected by this vulnerability is the function qrCode of the file src/main/java/io/github/controller/QrCodeController.java. The manipulation of the argument text lead...
SUSE CVE-2024-50233
In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9832: fix division by zero in ad9832calcfreqreg In the ad9832writefrequency function, clkgetrate might return 0. This can lead to a division by zero when calling ad9832calcfreqreg. The check if fout...
Fedora: Security Advisory for qt6-qtvirtualkeyboard (FEDORA-2024-bfb8617ba3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: qt6-qtvirtualkeyboard-6.7.1-1.fc40
The Qt Virtual Keyboard project provides an input framework and reference key board frontend for Qt 6. Key features include: Customizable keyboard layouts and styles with dynamic switching. Predictive text input with word selection. Character preview and alternative character view. Automatic...
Medium: python-pillow
Issue Overview: Affected versions of this package are vulnerable to Denial of Service DoS when using arbitrary strings as text input and the number of characters passed into PIL.ImageFont.ImageFont.getmask is over a certain limit. This can lead to a system crash. Affected versions of this package...
Wallos Security Vulnerabilities
Wallos is an open source personal subscription tracker from the individual developer Miguel Ribeiro. A security vulnerability exists in Wallos version 0.9, which stems from the vulnerability to cross-site scripting XSS in all text-based input fields...