6052 matches found
PT-2025-5465 · Unknown · Create With Code
Name of the Vulnerable Software and Affected Versions: Create with Code versions n/a through 1.4 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This enables potential attackers to inject malicious scripts into the...
WordPress plugin Create with Code 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PYSEC-2025-131
lunasvg v3.0.0 was discovered to contain a allocation-size-too-big bug via the component plutovgsurfacecreate...
PYSEC-2025-131
lunasvg v3.0.0 was discovered to contain a allocation-size-too-big bug via the component plutovgsurfacecreate...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS via the plutovgsurfacecreate component. An attacker can cause a denial of service by creating a surface with an excessively large size. Details Denial of Service DoS describes a family of attacks, all aimed at maki...
PT-2025-3550 · Lunasvg · Lunasvg
Name of the Vulnerable Software and Affected Versions: lunasvg version 3.0.0 Description: The issue is related to an allocation-size-too-big bug in the plutovg surface create component. This bug can be exploited. Recommendations: For lunasvg version 3.0.0, consider disabling the plutovg surface...
LunaSVG 安全漏洞
LunaSVG is a standalone C SVG rendering library. A security vulnerability exists in LunaSVG that stems from the discovery of a containment allocation size oversize error via the component plutovgsurfacecreate. No detailed vulnerability details are provided at this time...
Malicious code in create-calypso-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df093bf0b3032586592d593a554c740ebe09f794cffc403f26b07319dd426d84 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-288 Malicious code in create-calypso-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df093bf0b3032586592d593a554c740ebe09f794cffc403f26b07319dd426d84 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-0559
A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to cross site...
CVE-2025-0559 Campcodes School Management Software Create Id Card Page create-id-card cross site scripting
A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to cross site...
PT-2025-3952 · Unknown · Campcodes School Management
Name of the Vulnerable Software and Affected Versions: Campcodes School Management Software version 1.0 Description: A cross-site scripting issue has been found in the Create Id Card Page component, specifically in the file /create-id-card. The manipulation of the ID Card Title argument leads to...
Campcodes School Management Software 代码注入漏洞
Campcodes School Management Software is a school management software from Campcodes, Inc. A code injection vulnerability exists in Campcodes School Management Software version 1.0, which originates from a cross-site scripting vulnerability in the ID Card Title parameter of the /create-id-card fil...
hornetq-core-client: Arbitrarily overwrite files or access sensitive information
A flaw was found in the createTempFile method of hornetq. Affected version of hornetq allows attackers to arbitrarily overwrite files or access sensitive information...
PT-2025-2947 · Fortinet · Fortisiem
Name of the Vulnerable Software and Affected Versions: FortiSIEM versions 7.1.7 and below FortiSIEM versions 7.0.3 and below FortiSIEM versions 6.7.9 and below FortiSIEM versions 6.6.5 and below FortiSIEM versions 6.5.3 and below FortiSIEM versions 6.4.4 and below Description: The issue is relate...
CVE-2025-0103 Expedition: SQL Injection Vulnerability
An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on...
SUSE CVE-2024-56606
In the Linux kernel, the following vulnerability has been resolved: afpacket: avoid erroring out after sockinitdata in packetcreate After sockinitdata the allocated sk object is attached to the provided sock object. On error, packetcreate frees the sk object leaving the dangling pointer in the so...
The vulnerability of the `dc_state_create_copy()` function in the `drivers/gpu/drm/amd/display/dc/core/dc_state.c` file of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the dcstatecreatecopy function in the drivers/gpu/drm/amd/display/dc/core/dcstate.c file of the Linux kernel is related to the repeated release of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, a...
CVE-2024-13205
A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/createproduct.php of the component Create Product Page. The manipulation of the argument Name leads to cross site scripting. Th...
CVE-2024-13205
A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/createproduct.php of the component Create Product Page. The manipulation of the argument Name leads to cross site scripting. Th...