17 matches found
EUVD-2022-49685
Malicious code in bioql PyPI...
EUVD-2022-49683
Malicious code in bioql PyPI...
EUVD-2025-10492
Malicious code in bioql PyPI...
FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14383)
FreeFloat FTP Server is a FTP Server software developed by FreeFloat Inc. A buffer overflow vulnerability exists in FreeFloat FTP Server. The vulnerability stems from the failure of the SEND command handler to properly process user input, and no details of the vulnerability are provided at this...
CVE-2022-46904
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS...
CVE-2022-46906
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...
CVE-2019-0792
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0790, CVE-2019-0791, CVE-2019-0793, CVE-2019-0795...
CVE-2019-0790
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0791, CVE-2019-0792, CVE-2019-0793, CVE-2019-0795...
CVE-2024-13896
CVE-2024-13896 affects WP-GeSHi-Highlight for WordPress up to version 1.4.3. The plugin processes user-supplied input as a regular expression in wp_geshi_filter_replace_code(), which could trigger a Regular Expression Denial of Service (ReDoS). This is described in multiple connected records (inc...
CVE-2024-57026
The CVE-2024-57026 entry concerns the TawkTo Widget, affected versions prior to or equal to 1.3.7, which are vulnerable to Cross Site Scripting (XSS) due to how user input is processed. This is the stated root cause and impact across connected sources (e.g., Red Hat, CVE listings, and PT Security...
CVE-2024-57026
TawkTo Widget Version = 1.3.7 is vulnerable to Cross Site Scripting XSS due to processing user input in a way that allows JavaScript execution...
CVE-2022-46904
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS...
CVE-2022-46906
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...
CVE-2022-46904
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS...
CVE-2022-33185. Several commands in Brocade Fabric OS use unsafe string function to process user input
Security Advisory ID : BSA-2022-2078 Component : FOS Revision : 1.1 Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer...
CVE-2019-0795
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0790, CVE-2019-0791, CVE-2019-0792, CVE-2019-0793...
MGASA-2015-0257 Updated tidy package fixes security vulnerability
A heap-based buffer overflow in tidy could have unspecified impact when processing user-supplied input...