125 matches found
Malicious Package in vue-backbone
Version 0.1.2 of vue-backbone contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluate...
GHSA-5635-9MVJ-R6HP Malicious Package in vue-backbone
Version 0.1.2 of vue-backbone contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluate...
Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 1.3.0 release and security update
Red Hat AMQ Streams 1.3.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Malicious Package
vue-backbone contains malicious code. The code when executed in the browser would capture password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=...
Malicious Package
Overview Version 0.1.2 of vue-backbone contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and...
backbone-couch (>=0.4.0 <=0.5.4), backbone-stash (=0.0.4) +3 more potentially affected by CVE-2016-10537 via backbone (=0.3.3)
backbone NPM version =0.3.3 is affected by a known vulnerability. The following packages have a transitive dependency on backbone and may be impacted: - backbone-couch =0.4.0, =1.1.0, =0.4.0, =0.1.0, =1.0.0 Source cves: CVE-2016-10537 Source advisory: OSV:GHSA-J6P2-CX3W-6JCP...
GHSA-J6P2-CX3W-6JCP Cross-Site Scripting in backbone
Affected versions of backbone are vulnerable to cross-site scripting when users are allowed to supply input to the ModelEscape function, and the output is then written to the DOM. The vulnerability occurs as a result of the regular expression used to encode metacharacters failing to take HTML...
Cross-Site Scripting in backbone
Affected versions of backbone are vulnerable to cross-site scripting when users are allowed to supply input to the ModelEscape function, and the output is then written to the DOM. The vulnerability occurs as a result of the regular expression used to encode metacharacters failing to take HTML...
CVE-2016-10537
backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...
DEBIAN-CVE-2016-10537
backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...
CVE-2016-10537
backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...
CVE-2016-10537
backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...
Cross site scripting
backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...
CVE-2016-10537
The CVE-2016-10537 entry concerns the Backbone.js backbone module (v0.3.3 and earlier) vulnerable to cross-site scripting via the Model#Escape function. The root cause is a regex that fails to encode HTML metacharacters (e.g.,
CVE-2016-10537
backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...
CVE-2016-10537
backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...
CVE-2014-2073
Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 allows remote attackers to execute arbitrary code via a crafted packet, related to "CATV5BackboneBus."...
CVE-2016-5475
Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install...
CVE-2016-5475
Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install...
CVE-2016-5474
Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RSB Kernel...