38 matches found
EUVD-2012-1667
Malware in sbrugna...
EUVD-2016-4196
Malware in sbrugna...
EUVD-2025-12162
Malicious code in bioql PyPI...
EUVD-2025-5179
Malicious code in bioql PyPI...
CVE-2025-3902
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Block Class allows Cross-Site Scripting XSS.This issue affects Block Class: from 4.0.0 before 4.0.1...
CVE-2025-3902
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Block Class allows Cross-Site Scripting XSS.This issue affects Block Class: from 4.0.0 before 4.0.1...
CVE-2025-3902
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Block Class allows Cross-Site Scripting XSS.This issue affects Block Class: from 4.0.0 before 4.0.1...
CVE-2025-3902
Summary: CVE-2025-3902 is an XSS vulnerability in the Drupal Block Class module. The issue affects versions 4.0.0 up to (but not including) 4.0.1, caused by improper input neutralization during web page generation. Impact (as described): Cross-Site Scripting allowing injected JavaScript when a us...
CVE-2025-3902 Block Class - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-043
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Block Class allows Cross-Site Scripting XSS.This issue affects Block Class: from 4.0.0 before 4.0.1...
CVE-2025-3902 Block Class - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-043
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Block Class allows Cross-Site Scripting XSS.This issue affects Block Class: from 4.0.0 before 4.0.1...
DRUPAL-CONTRIB-2025-043
Block Class enables you to add custom attributes to blocks. The module did not sufficiently sanitize custom attribute input, allowing for potential XSS attacks when malicious JavaScript was injected as a custom attribute. This vulnerability is mitigated by the fact that an attacker must have a ro...
Drupal Block Class 安全漏洞
Drupal Block Class is a module plugin in the Drupal content management system for the Drupal community. A security vulnerability exists in Drupal Block Class versions prior to 4.0.1 that stems from improper input neutralization and could lead to a cross-site scripting attack...
Drupal Block Class module 4.0.0 - Unauthenticated Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS vulnerability discovered by Ivo Van Geertruyen mr.baileys in WordPress Module Block Class versions 4.0.0...
PT-2025-17658 · Drupal · Drupal Block Class
Name of the Vulnerable Software and Affected Versions: Drupal Block Class versions 4.0.0 through 4.0.0 Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, in the Drupal Block Class. This allows for Cross-Site...
Block Class - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-043
Block Class enables you to add custom attributes to blocks. The module did not sufficiently sanitize custom attribute input, allowing for potential XSS attacks when malicious JavaScript was injected as a custom attribute. This vulnerability is mitigated by the fact that an attacker must have a ro...
Linux Distros Unpatched Vulnerability : CVE-2025-21745
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @blockclass's subsystem refcount leakage blkcgfillrootiostats iterates...
CVE-2025-21745
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @blockclass's subsystem refcount leakage blkcgfillrootiostats iterates over @blockclass's devices by classdeviterinit|next, but does not end iterating with classdeviterexit, so causes the class's subsystem...
CVE-2025-21745 blk-cgroup: Fix class @block_class's subsystem refcount leakage
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @blockclass's subsystem refcount leakage blkcgfillrootiostats iterates over @blockclass's devices by classdeviterinit|next, but does not end iterating with classdeviterexit, so causes the class's subsystem...
CVE-2025-21745
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @blockclass's subsystem refcount leakage blkcgfillrootiostats iterates over @blockclass's devices by classdeviterinit|next, but does not end iterating with classdeviterexit, so causes the class's subsystem...
CVE-2024-1561 Arbitrary Local File Read via Component Method Invocation in gradio-app/gradio
An issue was discovered in gradio-app/gradio, where the /componentserver endpoint improperly allows the invocation of any method on a Component class with attacker-controlled arguments. Specifically, by exploiting the moveresourcetoblockcache method of the Block class, an attacker can copy any fi...