2347 matches found
PT-2025-36997
Name of the Vulnerable Software and Affected Versions: PyInstaller versions prior to 6.0.0 Description: PyInstaller packages Python applications and their dependencies into a single package. A specially crafted entry appended to sys.path during the bootstrap process of a PyInstaller-frozen...
Cross-Site Scripting (XSS)
Bootstrap is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper handling of the data-loading-text attribute in the button plugin, which allows an attacker to inject and execute malicious JavaScript when the button’s loading state is triggered...
Cross-Site Scripting (XSS)
Bootstrap is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper neutralization of user input during web page generation, which allows an attacker to inject malicious scripts into the application...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21116)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/bootstrap endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
CVE-2025-41051
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/bootstrap...
Malicious code in websockets-tool-backend-bootstrap (npm)
The package websockets-tool-backend-bootstrap was found to contain malicious code...
Malicious code in hugo-stop-callback-bootstrap (npm)
The package hugo-stop-callback-bootstrap was found to contain malicious code...
Malicious code in bootstrap-biomimicry-parsec-cressida (npm)
The package bootstrap-biomimicry-parsec-cressida was found to contain malicious code...
Malicious code in subscription-bootstrap-publish-semantic-release (npm)
The package subscription-bootstrap-publish-semantic-release was found to contain malicious code...
Malicious code in stratigraphy-bootstrap-lithosphere-bellatrix (npm)
The package stratigraphy-bootstrap-lithosphere-bellatrix was found to contain malicious code...
Malicious code in tool-elektra-yildun-react-bootstrap (npm)
The package tool-elektra-yildun-react-bootstrap was found to contain malicious code...
Malicious code in jupiter-react-bootstrap-sedimentology-prettier-stylelint (npm)
The package jupiter-react-bootstrap-sedimentology-prettier-stylelint was found to contain malicious code...
Malicious code in cressida-darkmatter-bootstrap-luna (npm)
The package cressida-darkmatter-bootstrap-luna was found to contain malicious code...
MAL-2025-46147 Malicious code in stratigraphy-bootstrap-lithosphere-bellatrix (npm)
The package stratigraphy-bootstrap-lithosphere-bellatrix was found to contain malicious code...
MAL-2025-44583 Malicious code in heka-hercules-react-bootstrap-darkenergy (npm)
The package heka-hercules-react-bootstrap-darkenergy was found to contain malicious code...
MAL-2025-46474 Malicious code in upgrade-react-bootstrap-antares-airbnb (npm)
The package upgrade-react-bootstrap-antares-airbnb was found to contain malicious code...
MAL-2025-43643 Malicious code in bootstrap-biomimicry-parsec-cressida (npm)
The package bootstrap-biomimicry-parsec-cressida was found to contain malicious code...
MAL-2025-44646 Malicious code in hugo-stop-callback-bootstrap (npm)
The package hugo-stop-callback-bootstrap was found to contain malicious code...
MAL-2025-45760 Malicious code in react-bootstrap-helmet-archaeometry-server (npm)
The package react-bootstrap-helmet-archaeometry-server was found to contain malicious code...
Malicious code in betelgeuse-react-bootstrap-toml-wolf (npm)
The package betelgeuse-react-bootstrap-toml-wolf was found to contain malicious code...