219 matches found
DOMPurify: DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization
A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could exploit an inconsistency in how forbidden tags and attributes are handled when function-based tag additions are used. This allows malicious HTML, MathML, or SVG elements to bypass sanitization and...
SUSE CVE-2026-39832
When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...
Missing Authorization
Django is vulnerable to Missing Authorization. The vulnerability is due to missing validation of add permissions for inline model instances in GenericInlineModelAdmin, which allows an attacker to submit forged POST data and create unauthorized objects...
Malicious code in roboat-additions (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1af64a27f6bd87cbd380cb838d6c8c06696f9497c246fe348d5af1bbc17f6122 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-2280 Malicious code in roboat-additions (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1af64a27f6bd87cbd380cb838d6c8c06696f9497c246fe348d5af1bbc17f6122 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
CLSA-2026-1770214396 Update of microcode_ctl
Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
CLSA-2026-1770214504 Update of microcode_ctl
Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
SUSE-SU-2026:20696-1 Security update for ca-certificates-mozilla
This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.84 state of Mozilla SSL root CAs bsc1258002 - Removed: - Baltimore CyberTrust Root - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public...
Update of microcode_ctl
Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
CLSA-2026-1770217418 Update of microcode_ctl
Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
CLSA-2026-1770215787 Update of microcode_ctl
Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
CLSA-2026-1770215200 Update of microcode_ctl
Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
CLSA-2026-1770214151 Update of microcode_ctl
Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
CLSA-2026-1770213583 Update of microcode_ctl
Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
Malicious code in oj-sp-css-additions (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76f44dd1651a643e28e082a676732a19e8a8a8fcf5b2f88264aa47c7f5e31dce The package oj-sp-css-additions was found to contain malicious code. Source: ghsa-malware...
MAL-2026-64 Malicious code in oj-sp-css-additions (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76f44dd1651a643e28e082a676732a19e8a8a8fcf5b2f88264aa47c7f5e31dce The package oj-sp-css-additions was found to contain malicious code. Source: ghsa-malware...
EUVD-2026-1135
Malicious code in oj-sp-css-additions npm...
ROS-20251216-7320
Vulnerability in virtualbox-guest-additions related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...
NiceGUI 跨站脚本漏洞
NiceGUI is an easy-to-use, Python-based UI framework open-sourced by NiceGUI. A cross-site scripting vulnerability exists in NiceGUI 3.3.1 and earlier versions, which stems from insufficient cleanup and escaping of the ui.addcss, ui.addscss, and ui.addsass functions, and could lead to a reflectiv...
xxl-api 安全漏洞
xxl-api is an interface management platform for Xu Xueli's individual developers. A security vulnerability exists in xxl-api v1.3.0, which stems from a cross-site request forgery in the management module that could lead to arbitrary user additions...