3 matches found
GHSA-VXR8-FQ34-VVX9 DOMPurify: Trusted Types policy survives `clearConfig()` and can poison later `RETURN_TRUSTED_TYPE` output
Impact A DOMPurify instance that is reused across trust boundaries can stay bound to a previously supplied TRUSTEDTYPESPOLICY even after clearConfig is called. A later caller that requests RETURNTRUSTEDTYPE receives a TrustedHTML object created by the old policy, not by a clean default...
CVE-2025-65828
An unauthenticated attacker within proximity of the Meatmeet device can issue several commands over Bluetooth Low Energy BLE to these devices which would result in a Denial of Service. These commands include: shutdown, restart, clear config. Clear config would disassociate the current device from...
CVE-2025-65828
Meatmeet devices are vulnerable to an unauthenticated BLE-based Denial of Service. An attacker within BLE range can issue commands such as shutdown, restart, and clear config, which disassociates the device from its user and prevents receiving updates from the base station until the device is fix...