35 matches found

Snyk
added 2025/10/22 7:40 p.m. · 1 views

Infinite loop

Overview: pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files. Affected versions of this package are vulnerable to Infinite loop in the parsing of content streams containing inline images with the DCTDecode filter when the end-of-file marker is...

CVSS 8.7 · AI score 6.9 · EPSS 0.00051
Exploits 0 · References 2
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2018-10768

Malware in sbrugna...

CVSS 6.1 · AI score 6.3 · EPSS 0.0024
Exploits 1 · References 2
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2018-15607

Malware in sbrugna...

CVSS 6.1 · AI score 6.1 · EPSS 0.00213
Exploits 0 · References 2
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2023-37015

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 9.1 · EPSS 0.00051
Exploits 0 · References 1
RedhatCVE
added 2025/05/23 7:29 a.m. · 19 views

CVE-2024-25090

Insufficient input validation and sanitation in Profile name & screenname, Bookmark name & description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted...

CVSS 5.4 · AI score 5.9 · EPSS 0.00448
Exploits 0 · References 1
RedhatCVE
added 2025/05/22 11:24 p.m. · 2 views

CVE-2022-3023

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...

CVSS 9.8 · AI score 6.7 · EPSS 0.0018
Exploits 0 · References 1
RedhatCVE
added 2025/05/22 7:27 p.m. · 3 views

CVE-2021-25894

Magnolia CMS from 6.1.3 to 6.2.3 contains a stored cross-site scripting (XSS) vulnerability in the /magnoliaPublic/travel/members/login.html mgnlUserId parameter...

CVSS 6.1 · AI score 5.5 · EPSS 0.00397
Exploits 1 · References 1
RedhatCVE
added 2025/04/03 4:35 p.m. · 8 views

CVE-2025-31895

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in paulrosen ABC Notation abc-notation allows Stored XSS. This issue affects ABC Notation: from n/a through <= 6.1.3...

CVSS 6.5 · AI score 7.2 · EPSS 0.00204
Exploits 0 · References 1
NVD
added 2025/04/01 3:16 p.m. · 8 views

CVE-2025-31895

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in paulrosen ABC Notation abc-notation allows Stored XSS. This issue affects ABC Notation: from n/a through <= 6.1.3...

CVSS 6.5 · EPSS 0.00204
Exploits 0 · References 1
CVE
added 2025/04/01 2:52 p.m. · 49 views

CVE-2025-31895

The CVE-2025-31895 entry concerns ABC Notation (WordPress plugin) with Stored Cross-Site Scripting risk up to version 6.1.3, due to improper neutralization of input during web page generation. Exploitation would permit attacker-supplied script execution in the context of affected pages, as indica...

CVSS 6.5 · AI score 7.2 · EPSS 0.00204
Exploits 0 · References 1
CNNVD
added 2025/04/01 12:0 a.m. · 2 views

WordPress plugin ABC Notation cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

CVSS 6.5 · AI score 6.5 · EPSS 0.00204
Exploits 0 · References 2
CNNVD
added 2025/01/25 12:0 a.m. · 1 views

WordPress plugin ABC Notation path traversal vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A path traversal...

CVSS 6.5 · AI score 8.5 · EPSS 0.01133
Exploits 1 · References 3
Positive Technologies
added 2025/01/24 12:0 a.m. · 2 views

PT-2025-2216 · WordPress · Abc Notation

Name of the Vulnerable Software and Affected Versions: ABC Notation plugin for WordPress versions up to, and including, 6.1.3. Description: The issue allows authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain...

CVSS 6.8 · AI score 7 · EPSS 0.01133
Exploits 1 · References 8
NVD
added 2024/07/26 9:15 a.m. · 11 views

CVE-2024-25090

Insufficient input validation and sanitation in Profile name & screenname, Bookmark name & description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted...

CVSS 5.4 · EPSS 0.00448
Exploits 0 · References 2
CVE
added 2024/07/26 8:36 a.m. · 72 views

CVE-2024-25090

Apache Roller is affected by a cross-site scripting (XSS) vulnerability due to insufficient input validation and sanitation in Profile name & screenname, Bookmark name & description, and blogroll name fields across versions 5.0.0 to 6.1.2. The issue can be exploited by an authenticated user to pe...

CVSS 5.4 · AI score 5.9 · EPSS 0.00448
Exploits 0 · References 2 · Affected Software 1
OSV
added 2024/07/11 4:15 p.m. · 1 views

PYSEC-2024-86

Wagtail is an open source content management system built on Django. A bug in Wagtail's `parse_query_string` would result in it taking a long time to process suitably crafted inputs. When used to parse sufficiently long strings of characters without a space, `parse_query_string` would take an unexpectedl...

CVSS 4.9 · AI score 5.7 · EPSS 0.00329
Exploits 0 · References 4
PyPA
added 2023/09/21 3:15 p.m. · 4 views

PYSEC-2023-311

plone.namedfile allows users to handle File and Image fields targeting, but not depending on, Plone Dexterity content. Prior to versions 5.6.1, 6.0.3, 6.1.3, and 6.2.1, there is a stored cross site scripting vulnerability for SVG images. A security hotfix from 2021 already partially fixed this by...

CVSS 5.4 · AI score 6 · EPSS 0.00503
Exploits 0 · References 8 · Affected Software 1
OpenVAS
added 2023/05/22 12:0 a.m. · 8 views

WordPress Unspecified Vulnerability (May 2023) - Linux

WordPress is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:wordpress:wordpress";...

AI score 7.3
Exploits 0 · References 1
OpenVAS
added 2023/05/22 12:0 a.m. · 4 views

WordPress Unspecified Vulnerability (May 2023) - Windows

WordPress is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:wordpress:wordpress";...

AI score 7.3
Exploits 0 · References 1
Prion
added 2023/03/19 3:15 a.m. · 23 views

Out-of-bounds

In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An out-of-bounds write may occur...

CVSS 4.3 · AI score 7.3 · EPSS 0.00072
Exploits 0 · References 3 · Affected Software 1