Lucene search
K

13 matches found

NVD
NVD
added 2026/02/19 7:17 a.m.9 views

CVE-2026-1055

The TalkJS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 0.1.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

4.4CVSS0.00203EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/02/18 11:56 p.m.4 views

WordPress TalkJS plugin <= 0.1.15 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'welcomeMessage' Parameter vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via 'welcomeMessage' Parameter vulnerability discovered by 0x34rth in WordPress Plugin TalkJS versions = 0.1.15...

4.4CVSS5.5AI score0.00203EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/04/18 12:0 a.m.39 views

sqlparse 安全漏洞

sqlparse is Python's non-validating SQL parser. It provides support for parsing, splitting and formatting SQL statements. A security vulnerability exists in sqlparse version 0.1.15 and later. An attacker could exploit this vulnerability to cause a denial of service...

7.5CVSS6.7AI score0.0098EPSS
Exploits0References12
CNVD
CNVD
added 2020/04/07 12:0 a.m.1 views

heroku-addonpool command injection vulnerability

heroku-addonpool is a package for managing applications in Heroku. A command injection vulnerability exists in heroku-addonpool version 0.1.15 and earlier. An attacker can exploit this vulnerability to execute arbitrary commands...

9.8CVSS8.1AI score0.02787EPSS
Exploits1References1
OSV
OSV
added 2020/04/06 1:15 p.m.3 views

CVE-2020-7634

heroku-addonpool through 0.1.15 is vulnerable to Command Injection...

9.8CVSS7.3AI score0.02787EPSS
Exploits1References2
CNVD
CNVD
added 2020/03/17 12:0 a.m.3 views

closure-compiler-stream injection vulnerability

closure-compiler-stream is a stream interface to a closure compiler. A security vulnerability exists in closure-compiler-stream version 0.1.15 and earlier, which stems from the program failing to perform any cleanup operations on the user-controllable 'options' parameter. An attacker could use th...

9.8CVSS7.4AI score0.02512EPSS
Exploits1References1
NVD
NVD
added 2019/07/25 7:15 p.m.19 views

CVE-2019-1010127

VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact eg. code execution or information disclosure. The component is: The header::addFILTERdescriptor method in header.cpp. The attack vector is: The victim must open a...

7.8CVSS7.8AI score0.01642EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2019/06/06 3:30 p.m.28 views

SQL Injection in typeorm

Versions of typeorm before 0.1.15 are vulnerable to SQL Injection. Field names are not properly validated allowing attackers to inject SQL statements and execute arbitrary SQL queries. Recommendation Upgrade to version 0.1.15...

6.9AI score
Exploits0References4Affected Software1
CNVD
CNVD
added 2018/05/18 12:0 a.m.6 views

VCFtools header::add_INFO_descriptor function denial of service vulnerability

VCFtools is a package for working with VCF files. A denial of service vulnerability exists in the header::addINFOdescriptor function in header.cpp in VCFtools 0.1.15. A remote attacker can exploit this vulnerability via a specially crafted vcf file to cause a denial of service reuse after release...

7.8CVSS7.6AI score0.01456EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/18 12:0 a.m.4 views

VCFtools header::add_INFO_descriptor function information disclosure vulnerability

VCFtools is a package for working with VCF files. An information disclosure vulnerability exists in the header::addINFOdescriptor function in header.cpp in VCFtools 0.1.15. A remote attacker can exploit this vulnerability via a specially crafted vcf file to cause an information disclosure...

5.5CVSS6.1AI score0.01523EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/18 12:0 a.m.5 views

VCFtools header::add_FORMAT_descriptor function denial of service vulnerability

VCFtools is a package for working with VCF files. A denial of service vulnerability exists in the header::addFORMATdescriptor function in header.cpp in VCFtools 0.1.15. A remote attacker can exploit this vulnerability via a specially crafted vcf file to cause a denial of service reuse after relea...

7.8CVSS7.6AI score0.22369EPSS
Exploits0References1
OSV
OSV
added 2018/05/17 7:29 p.m.1 views

DEBIAN-CVE-2018-11130

The header::addFORMATdescriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via a crafted vcf file...

7.8CVSS7.5AI score0.22369EPSS
Exploits0References1
OSV
OSV
added 2018/05/17 7:29 p.m.1 views

DEBIAN-CVE-2018-11129

The header::addINFOdescriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via a crafted vcf file...

7.8CVSS7.8AI score0.01456EPSS
Exploits0References1
Rows per page
Query Builder