13 matches found
billboard.js security vulnerability
billboard.js is a reusable and easy-to-use JavaScript chart library developed by NAVER based on D3.js. Versions of billboard.js prior to 3.18.0 contained a security vulnerability. This vulnerability stemmed from improper cleanup during the binding of chart options, which could allow for the...
PT-2026-5054
billboard.js before 3.18.0 allows an attacker to execute malicious JavaScript due to improper sanitization during chart option binding...
CVE-2025-70968
FreeImage 3.18.0 contains a Use After Free in PluginTARGA.cpp;loadRLE...
CVE-2025-65803
An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before allows attackers to cause a Denial of Service DoS via supplying a crafted PSD file...
AZL-66318 CVE-2025-55199 affecting package helm 3.14.2-10
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory OOM termination. This issue has been resolved in Helm 3.18.5. A workaround involves...
GHSA-J288-Q9X7-2F5V Apache Commons Lang is vulnerable to Uncontrolled Recursion when processing long inputs
Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass... can throw StackOverflowError on very long input...
WordPress plugin Social Bookmarking RELOADED 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Social Bookmarking RELOADED A...
EMC ESRS VE Information Disclosure Vulnerability
EMC ESRS VE is a set of EMC customer service and end-user EMC products and solutions to provide two-way remote connection between the remote service software. A security vulnerability exists in EMC ESRS VE version 3.18 and earlier. An attacker could exploit the vulnerability to compromise an...
CVE-2017-0434
An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. This issue is rated as High because it first requires compromising a privileged process. Product: Android...
CVE-2016-8398
Unauthenticated messages processed by the UE. Certain NAS messages are processed when no EPS security context exists in the UE. Product: Android. Versions: Kernel 3.18. Android ID: A-31548486. References: QC-CR877705...
DEBIAN-CVE-2013-7421
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AFALG socket with a module name in the salgname field, a different vulnerability than CVE-2014-9644...
PT-2015-4196 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.18.1 Description: The issue is related to the batadv frag merge packets function in the B.A.T.M.A.N. implementation, which uses an incorrect length field during a calculation of an amount of memory. This allows...
UBUNTU-CVE-2014-9730
The udfpctochar function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service system crash via a crafted UDF filesystem image...