NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the loadDocImpl function. An attacker can cause a denial of service by triggering a null pointer dereference through local access to the affected component. Remediation Upgrade behaviortree.cpp to version...

CVE-2025-11013 BehaviorTree XML Parser xml_parsing.cpp loadDocImpl null pointer dereference

A vulnerability was identified in BehaviorTree up to 4.7.0. This vulnerability affects the function XMLParser::PImpl::loadDocImpl of the file /src/xmlparsing.cpp of the component XML Parser. The manipulation leads to null pointer dereference. The attack can only be performed from a local...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the fromJson function. An attacker can cause a denial of service by providing a crafted argument to trigger a null pointer dereference. Remediation A fix was pushed into the master branch but not yet...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the ParseScript function in the Diagnostic Message Handler component of scriptparser.cpp. An attacker can execute arbitrary code or cause a denial of service by providing a specially crafted argument to...

CVE-2025-11012

BehaviorTree.CPP before 4.7.0 is affected by a vulnerability in the Diagnostic Message Handler’s ParseScript function (src/script_parser.cpp). Improper manipulation of the error_msgs_buffer can cause a stack-based buffer overflow. Exploitation is local, and public disclosures and a patch referenc...

CVE-2025-11011

BehaviorTree.CPP up to version 4.7.0 contains a flaw in JsonExporter::fromJson that can cause a NULL pointer dereference when the Source argument is manipulated. The vulnerability requires local access and a public exploit is available (PoC referenced). A patch is available and named 4b23dcaf0ce9...

CVE-2025-11011 BehaviorTree json_export.cpp fromJson null pointer dereference

A vulnerability was found in BehaviorTree up to 4.7.0. Affected by this issue is the function JsonExporter::fromJson of the file /src/jsonexport.cpp. Performing manipulation of the argument Source results in null pointer dereference. The attack needs to be approached locally. The exploit has been...

CVE-2025-11011 BehaviorTree json_export.cpp fromJson null pointer dereference

A vulnerability was found in BehaviorTree up to 4.7.0. Affected by this issue is the function JsonExporter::fromJson of the file /src/jsonexport.cpp. Performing manipulation of the argument Source results in null pointer dereference. The attack needs to be approached locally. The exploit has been...

BehaviorTree.CPP 代码问题漏洞

BehaviorTree.CPP is a library for behavior trees in C++ open-sourced by BehaviorTree. A code issue vulnerability exists in BehaviorTree.CPP version 4.7.0 and earlier, which stems from a null pointer dereference in the XMLParser::PImpl::loadDocImpl function in the XML Parser component, which could...

OPENSUSE-SU-2025:15582-1 tree-sitter-ruby-0.23.1-2.1 on GA media

These are all security issues fixed in the tree-sitter-ruby-0.23.1-2.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-58023

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in akdevs Genealogical Tree genealogical-tree allows Stored XSS.This issue affects Genealogical Tree: from n/a through = 2.2.8...

CVE-2025-58023

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in akdevs Genealogical Tree genealogical-tree allows Stored XSS.This issue affects Genealogical Tree: from n/a through = 2.2.7...

WordPress Genealogical Tree plugin <= 2.2.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Genealogical Tree versions = 2.2.6...

CVE-2025-58023

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in akdevs Genealogical Tree genealogical-tree allows Stored XSS.This issue affects Genealogical Tree: from n/a through = 2.2.8...

CVE-2025-58023

CVE-2025-58023 affects the WordPress plugin Genealogical Tree (up to version 2.2.5). The issue is a Stored Cross‑Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. It can be triggered by an attacker over the network with low privileges and requi...

CVE-2025-58023 WordPress Genealogical Tree plugin <= 2.2.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in akdevs Genealogical Tree genealogical-tree allows Stored XSS.This issue affects Genealogical Tree: from n/a through = 2.2.7...

CVE-2025-58023 WordPress Genealogical Tree plugin <= 2.2.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in akdevs Genealogical Tree genealogical-tree allows Stored XSS.This issue affects Genealogical Tree: from n/a through = 2.2.7...

PT-2025-38873

Name of the Vulnerable Software and Affected Versions akdevs Genealogical Tree versions through 2.2.5 Description The software contains a flaw related to improper input handling during web page creation, which allows for Stored Cross-site Scripting XSS. This means malicious scripts can be injecte...

WordPress plugin Genealogical Tree 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : ImageMagick vulnerabilities (USN-7756-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7756-1 advisory. It was discovered that ImageMagick did not properly handle memory when performing magnified...