74 matches found
[SECURITY] Fedora 42 Update: qt5-qtgamepad-5.15.18-1.fc42
Qt Gamepad provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes sense...
EUVD-2017-4188
Malware in sbrugna...
EUVD-2010-3807
Malware in sbrugna...
[SECURITY] Fedora 42 Update: qt6-qtwebview-6.9.1-1.fc42
Qt WebView provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes sense...
CVE-2017-12649
XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted title or summary that is mishandled in the Web Content Display...
CVE-2025-32371 Unexpected external content may be displayed in DNN ImageHandler
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. A url could be crafted to the DNN ImageHandler to render text from a querystring parameter. This text would display in the resulting image and a user that trusts the domain might think that t...
CVE-2025-29868
Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of th...
CVE-2025-29868 Apache Answer: Using externally referenced images can leak user privacy.
Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of th...
Mobile Security Framework 安全漏洞
Mobile Security Framework MobSF is an automated all-in-one mobile application open-sourced by Mobile Security Framework. It is used for penetration testing, malware analysis, and security assessments, and is capable of performing both static and dynamic analysis. A security vulnerability exists i...
[SECURITY] Fedora 40 Update: qt5-qtgamepad-5.15.14-1.fc40
Qt Gamepad provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes sense...
[SECURITY] Fedora 40 Update: qt6-qtwebview-6.7.1-1.fc40
Qt WebView provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes sense...
CVE-2024-1526
The vulnerability CVE-2024-1526 affects the Hubbub Lite WordPress plugin for versions prior to 1.33.1. The issue arises from the plugin not ensuring that a user has access to password-protected posts before displaying their content in a meta tag (og:description) when Open Graph meta tags are enab...
BIT-LIFERAY-2023-33942
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 121, which stems from allowing untrustworthy content to be displayed under the name of trusted content...
Liferay Portal 7.4.3.50 < 7.4.3.51 XSS
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field. Not...
Cross-site scripting in Liferay Portal
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
GHSA-WV99-WMPF-JRQR Cross-site scripting in Liferay Portal
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
CVE-2023-33942
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
CVE-2023-33942
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...
Cross site scripting
Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...