Lucene search
+L

99 matches found

OSV
OSV
added 2026/03/24 1:25 p.m.10 views

CVE-2026-33418 @dicebear/converter ensureSize() Vulnerable to SVG Dimension Capping Bypass via XML Comment Injection

DiceBear is an avatar library for designers and developers. Prior to version 9.4.2, the ensureSize function in @dicebear/converter used a regex-based approach to rewrite SVG width/height attributes, capping them at 2048px to prevent denial of service. This size capping could be bypassed by crafti...

7.5CVSS5.8AI score0.00376EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/20 8:35 p.m.17 views

SVG Dimension Capping Bypass via XML Comment Injection in @dicebear/converter ensureSize()

Summary The ensureSize function in @dicebear/converter used a regex-based approach to rewrite SVG width/height attributes, capping them at 2048px to prevent denial of service. This size capping could be bypassed by crafting SVG input that causes the regex to match a non-functional occurrence of s...

7.5CVSS5.8AI score0.00376EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/03/20 8:35 p.m.8 views

Allocation of Resources Without Limits or Throttling

Overview @dicebear/converter is a SVG Converter for DiceBear Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ensureSize function. An attacker can cause excessive memory allocation and application crashes by injecting specially craft...

8.7CVSS5.8AI score0.00376EPSS
Exploits0References3
OSV
OSV
added 2026/03/20 8:35 p.m.6 views

GHSA-7J2X-32W6-P43P SVG Dimension Capping Bypass via XML Comment Injection in @dicebear/converter ensureSize()

Summary The ensureSize function in @dicebear/converter used a regex-based approach to rewrite SVG width/height attributes, capping them at 2048px to prevent denial of service. This size capping could be bypassed by crafting SVG input that causes the regex to match a non-functional occurrence of s...

7.5CVSS5.8AI score0.00376EPSS
Exploits0References3
CVE
CVE
added 2026/02/26 12:58 a.m.26 views

CVE-2026-27902

Svelte prior to version 5.53.5 is vulnerable to HTML injection and XSS in SSR error boundary hydration markers, caused by transformError not being properly escaped before HTML output. Attacker-controlled content returned from transformError could be embedded in the page. The issue is fixed in 5.5...

5.4CVSS5.3AI score0.00226EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/02/26 12:58 a.m.4 views

CVE-2026-27902 Svelte Vulnerable to XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers

Svelte performance oriented web framework. Prior to version 5.53.5, errors from transformError were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection and XSS if attacker-controlled content is returned from transformError. Version 5.53.5 fixes the...

5.3CVSS5.5AI score0.00226EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/02/26 12:58 a.m.6 views

CVE-2026-27902 Svelte Vulnerable to XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers

Svelte performance oriented web framework. Prior to version 5.53.5, errors from transformError were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection and XSS if attacker-controlled content is returned from transformError. Version 5.53.5 fixes the...

5.3CVSS5.3AI score0.00226EPSS
Exploits0References3
OSV
OSV
added 2026/02/20 9:15 p.m.6 views

GHSA-RCQW-6466-3MV7 AVideo has Stored Cross-Site Scripting via Markdown Comment Injection

Vulnerability Type Stored Cross-Site Scripting XSS — CWE-79. Affected Product/Versions AVideo 18.0. Root Cause Summary AVideo allows Markdown in video comments and uses Parsedown v1.7.4 without Safe Mode enabled. Markdown links are not sufficiently sanitized, allowing javascript: URIs to be...

5.1CVSS5.6AI score0.00229EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/18 6:42 a.m.36 views

CVE-2026-1640 Taskbuilder <= 5.0.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Project/Task Comment Creation

The Taskbuilder – WordPress Project Management & Task Management plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.0.2. This is due to missing authorization checks on the project and task comment submission functions AJAX actions:...

4.3CVSS0.00261EPSS
Exploits0References3
NVD
NVD
added 2026/01/08 6:15 p.m.6 views

CVE-2026-22231

OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0...

5.5CVSS0.00207EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/08 5:11 p.m.25 views

CVE-2026-22233 OPEXUS eCASE Audit Project Cost stored XSS

OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment in the "Estimated Staff Hours" field. The JavaScript is executed whenever another user visits the Project Cost tab. Fixed in OPEXUS eCASE Audit 11.14.2.0...

5.5CVSS0.00207EPSS
Exploits0References3
OSV
OSV
added 2025/11/18 12:0 a.m.5 views

CVE-2025-63693

The comment editing template dzz/comment/template/editform.htm in DzzOffice 2.3.x lacks adequate security escaping for user-controllable data in multiple contexts, including HTML and JavaScript strings. This allows low-privilege attackers to construct comment content or request parameters and...

5.4CVSS7.3AI score0.00173EPSS
Exploits1References4
Veracode
Veracode
added 2025/10/16 7:34 a.m.5 views

Improper Input Validation

datahihi1/tiny-env is vulnerable to Improper Input Validation. The vulnerability is due to missing sanitization of characters, allowing attackers to inject comment text that can cause misconfigurations or authentication failures...

6.5CVSS7.1AI score0.00194EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/10/08 1:15 p.m.10 views

CVE-2025-60299

Novel-Plus with 5.2.0 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /book/addCommentReply endpoint. An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment. The payload is stored in the database a...

5.4CVSS0.002EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-0353

Malware in sbrugna...

4.3CVSS6.4AI score0.01384EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-8700

Malware in sbrugna...

6.1CVSS6.5AI score0.01784EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2006-2817

Malware in sbrugna...

4.3CVSS6.4AI score0.0118EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-6998

Malware in sbrugna...

4.3CVSS6.4AI score0.01033EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2015-3484

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.17945EPSS
Exploits1References17
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-54392

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00245EPSS
Exploits1References1
Rows per page
Query Builder