16 matches found
CVE-2026-61465
ImageMagick before 7.1.2-26 and 6.9.13-51 lacks a check for the allowed memory allocation limit in matrix-backed operations (e.g., -canny). A crafted image can cause ImageMagick to allocate more memory than policy permits, resulting in a denial of service. Affected components: ImageMagick's memor...
EUVD-2026-43185
ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more memory than permitted by the configured policy, resulting in a denial of...
CVE-2024-39656
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Uncanny Owl Tin Canny Reporting for LearnDash allows Reflected XSS.This issue affects Tin Canny Reporting for LearnDash: from n/a through 4.3.0.7...
EUVD-2020-30259
Malware in sbrugna...
EUVD-2024-38161
Malicious code in bioql PyPI...
MAL-2025-35035 Malicious code in test-mlw2-canny-tifts (npm)
The package test-mlw2-canny-tifts was found to contain malicious code...
Malicious code in test-mlw2-canny-tifts (npm)
The package test-mlw2-canny-tifts was found to contain malicious code...
CVE-2024-39656
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Uncanny Owl Tin Canny Reporting for LearnDash allows Reflected XSS.This issue affects Tin Canny Reporting for LearnDash: from n/a through 4.3.0.7...
CVE-2024-39656 WordPress Tin Canny Reporting for LearnDash plugin <= 4.3.0.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Uncanny Owl Tin Canny Reporting for LearnDash allows Reflected XSS.This issue affects Tin Canny Reporting for LearnDash: from n/a through 4.3.0.7...
CVE-2024-39656 WordPress Tin Canny Reporting for LearnDash plugin <= 4.3.0.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Uncanny Owl Tin Canny Reporting for LearnDash allows Reflected XSS.This issue affects Tin Canny Reporting for LearnDash: from n/a through 4.3.0.7...
WordPress Tin Canny Reporting for LearnDash plugin <= 4.3.0.7 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Tin Canny Reporting for LearnDash versions = 4.3.0.7...
WordPress Tin Canny Reporting for LearnDash Plugin <= 4.3.0.7 is vulnerable to Cross Site Scripting (XSS)
Software Tin Canny Reporting for LearnDash Type Plugin Vulnerable versions = 4.3.0.7 Fixed in 4.3.0.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-39656 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e6e93ecaf931 Credits Dave Jong...
PT-2024-28594 · Uncanny Owl · Uncanny Owl Tin Canny Reporting
Name of the Vulnerable Software and Affected Versions: Uncanny Owl Tin Canny Reporting for LearnDash versions prior to 4.3.0.8 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS...
WordPress plugin Tin Canny Reporting for LearnDash 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
CVE-2020-9439
Multiple cross-site scripting XSS vulnerabilities in Uncanny Owl Tin Canny LearnDash Reporting before 3.4.4 allows authenticated remote attackers to inject arbitrary web script or HTML via the searchkey GET Parameter in TinCanContentListTable.php, message GET Parameter in licensing.php,...
CVE-2020-9439
Uncanny Owl Tin Canny LearnDash Reporting prior to 3.4.4 contains multiple XSS vulnerabilities exploitable by authenticated remote actors via several GET parameters (e.g., search_key in TinCan_Content_List_Table.php; licensing.php; tc_filter_* in reporting-admin-menu.php; tc_filter_data_range/ tc...