6 matches found
CVE-2025-3901 Bootstrap Site Alert - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-042
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting XSS.This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4...
AZL-60429 CVE-2025-32907 affecting package libsoup for versions less than 3.0.4-7
A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. This does not allow for a fu...
CVE-2024-45144
Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Phoenix.HTML 跨站脚本漏洞
Phoenix.HTML is Phoenix framework open source a function . Used to handle HTML strings and templates. A security vulnerability exists in Phoenix.HTML versions prior to 3.0.4. Attackers use this vulnerability to execute cross-site scripting attacks...
OESA-2022-1700 ruby security update
Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and...
Cisco Cyber Vision Center Software Access Control Error Vulnerability
Cisco Cyber Vision Center Software is a set of industrial control system ICS monitoring solution from the U.S. company Cisco Cisco. The product supports dynamic asset inventory, real-time network monitoring and other functions. An access control error vulnerability exists in the access control...