SUSE CVE-2026-34601

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, xmldom/xmldom allows attacker-controlled strings containing the CDATA terminator to be inserted into a...

EUVD-2025-203311

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...

AZL-72862 CVE-2025-67899 affecting package uriparser 0.9.7-2

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...

CVE-2025-67899

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...

CVE-2025-67899

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...

Uriparser 安全漏洞

Uriparser is a strictly Rfc 3986 compliant Uri parsing and processing library written in C89. A security vulnerability exists in Uriparser version 0.9.9 and earlier, which stems from allowing infinite recursion and stack consumption...

EUVD-2007-1782

Malware in sbrugna...

org.webjars.bower:angular-trix (=1.0.2), org.webjars.bower:github-com-sachinchoolur-angular-trix (=1.0.2) potentially affected by CVE-2025-46812 via org.webjars.bower:trix (=0.9.9)

org.webjars.bower:trix MAVEN version =0.9.9 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.bower:trix and may be impacted: - org.webjars.bower:angular-trix =1.0.2 - org.webjars.bower:github-com-sachinchoolur-angular-trix =1.0.2 Source cves...

CVE-2024-13686

The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vwstorefrontresetallsettings function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and...

WordPress VW Storefront theme <= 0.9.9 - Missing Authorization to Authenticated (Subscriber+) Settings Reset vulnerability

Missing Authorization to Authenticated Subscriber+ Settings Reset vulnerability discovered by Peter Thaleikis in WordPress Theme VW Storefront versions = 0.9.9...

CVE-2024-56018

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BU Web Team BU Section Editing bu-section-editing allows Reflected XSS.This issue affects BU Section Editing: from n/a through = 0.9.9...

WordPress plugin BU Section Editing 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in the...

WordPress plugin Legacy ePlayer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-4561 · Brianmiyaji · Legacy Eplayer

Name of the Vulnerable Software and Affected Versions: brianmiyaji Legacy ePlayer versions 0.9.9 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attacker...

CVE-2024-56018 WordPress BU Section Editing Plugin <= 0.9.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BU Web Team BU Section Editing bu-section-editing allows Reflected XSS.This issue affects BU Section Editing: from n/a through = 0.9.9...

PT-2025-51176

Name of the Vulnerable Software and Affected Versions uriparser versions through 0.9.9 Description The software is susceptible to an issue involving unbounded recursion and stack consumption. This occurs when processing large inputs containing numerous commas, specifically when using the...

WordPress BU Section Editing Plugin <= 0.9.9 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin BU Section Editing versions = 0.9.9...

CVE-2022-34992

Luadec v0.9.9 was discovered to contain a heap-buffer overflow via the function UnsetPending...

CVE-2022-34992

Luadec v0.9.9 was discovered to contain a heap-buffer overflow via the function UnsetPending...

LuaDec 缓冲区错误漏洞

LuaDec is a decompiler for lua versions 5.1, 5.2, and 5.3. A security vulnerability exists in LuaDec version v0.9.9, which stems from a heap overflow in its UnsetPending function...